Azure Automation
CVE-2019-0962
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'.
AnalysisAI
An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. Affected products include: Microsoft Azure Automation.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Azure Automation
View allAn information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerab
Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. Rated cri
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today