Home

Description

Microsoft Azure File Sync Elevation of Privilege Vulnerability

PUBLISHED Reserved 2023-12-08 | Published 2024-02-13 | Updated 2025-05-03 | Assigner microsoft




MEDIUM: 5.3CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L/E:P/RL:O/RC:C

Problem types

CWE-59: Improper Link Resolution Before File Access ('Link Following')

Product status

16.0.0 (custom) before 16.2
affected

15.0.0 (custom) before 16.2
affected

14.0.0 (custom) before 16.2
affected

17.0.0 (custom) before 17.1
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21397 (Microsoft Azure File Sync Elevation of Privilege Vulnerability) vendor-advisory

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21397 (Microsoft Azure File Sync Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2024-21397)

nvd.nist.gov (CVE-2024-21397)

Download JSON