Azure Storage Movement Client Library Denial of Service Vulnerability · CVE-2024-35252 · GitHub Advisory Database · GitHub

Azure Storage Movement Client Library Denial of Service Vulnerability

High severity GitHub Reviewed Published Jun 11, 2024 to the GitHub Advisory Database • Updated Jun 11, 2024

Package

Microsoft.Azure.Storage.DataMovement (NuGet)

Affected versions

< 2.0.5

Patched versions

2.0.5

Description

Azure Storage Movement Client Library Denial of Service Vulnerability

References

Published by the National Vulnerability Database

Jun 11, 2024

Published to the GitHub Advisory Database Jun 11, 2024

Reviewed Jun 11, 2024

Last updated Jun 11, 2024

Severity

High

7.5

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H