You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Azure App Service RCE / Sandbox Escape (CVE-2019-1372)
Summary: A Vulnerability in App Service could allow an unprivileged function run by the user to execute code in the context of NT AUTHORITY\system thereby escaping the Sandbox. This Vulnerability allowed cross-account access when using Free/Shared tier.
Platform: Azure
Severity: Critical
Date: Reported: June 27, 2019, Published: January 30, 2020
Discoverer: Ronen Shustin (@ronenshh)
Customer action: Azure Cloud - N/A, Azure Stack / Windows Azure Pack Web Sites V2 - Manual Update
Azure App Service RCE / Sandbox Escape (CVE-2019-1372)
The text was updated successfully, but these errors were encountered: