Vulnerability: Azure Stack HCI vulnerable to attack

On November 20, 2024By Pranco

If administrators host virtual machines with Azure Stack HCI, they should install the latest version to prevent attacks.

Close the safety hole

In a warning message, Microsoft writes that the vulnerability (CVE-2024-49060) is classified with a threat level of“highAccording to the authors, no attacks have been reported so far, but they could be imminent. A security update, which is deployed from AzureStack HCI 2411offers a solution.

If attacks are successful, attackers can gain elevated privileges. It is not yet known how this could work in detail. Microsoft states that attackers must already be authenticated for an attack to gain access to a vulnerable Azure Stack HCI cluster. This can be done, for example, via SSH.

(des)

Don’t miss any news – follow us
Facebook,
LinkedIn or
Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.