Overview
- Description
- An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
- Source
- secure@microsoft.com
- NVD status
- Received
- CNA Tags
- exclusively-hosted-service
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.7
- Impact score
- 5.8
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
- Severity
- HIGH
Weaknesses
- secure@microsoft.com
- CWE-269
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
Here are some notable updates in information security: Vulnerabilities and Patches - Microsoft addressed critical security flaws in its AI, cloud, and ERP offerings, with one flaw (CVE-2024-49035) already being exploited in the wild. - Palo Alto Networks patched… https://t.
@johnmstark
1 Dec 2024
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alerte ! Microsoft corrige les failles de sécurité dans l'IA, le Cloud et l'ERP, dont une exploitée activement. La vulnérabilité CVE-2024-49035 est évaluée à 8.7 CVSS. Analyse pour les Analystes Sécurité #Cybersecurite #ExploitZeroDay 👉 https://t.co/KTKvSrZsV4
@CyberAlertFr
30 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft just addressed critical security flaws impacting its AI, cloud, and ERP offerings, with one flaw (CVE-2024-49035) already exploited in the wild. Get the full details — https://t.co/7GgYxWYC7R
@ExposinKingfish
29 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner[.]microsoft[.]com. https://t.co/BFCQ0CXjuD
@jbhall56
29 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft fixed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center, including one that has been exploited in the wild, CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw. https://t.co/90MReKOtwM https
@riskigy
29 Nov 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Phishing-as-a-Service e vulnerabilità nei servizi Microsoft Sicurezza Informatica, CVE-2024-49035, FUD, Microsoft, Phishing-as-a-Service, QR phishing, Rockstar 2FA, sicurezza cloud, vulnerabilità https://t.co/PR2PLTu71O https://t.co/z9eOBy900f
@matricedigitale
29 Nov 2024
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft just addressed critical security flaws impacting its AI, cloud, and ERP offerings, with one flaw (CVE-2024-49035) already exploited in the wild. Get the full details — https://t.co/ieHHnTJkAb #cybersecurity #infosec
@TheHackersNews
29 Nov 2024
10007 Impressions
38 Retweets
62 Likes
8 Bookmarks
1 Reply
0 Quotes
🧐 Exploited: Yes Exploitability assessment:Exploitation Detected CVE-2024-49035 - Security Update Guide - Microsoft - Partner .Microsoft .Com Elevation of Privilege Vulnerability https://t.co/dZj7l2WlmU
@autumn_good_35
28 Nov 2024
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We have just added an important vulnerability affecting Microsoft Partner Center (CVE-2024-49035) https://t.co/CZ7zweRJYI
@vuldb
27 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#securityupdate #microsoft #定例外 2024.11.26 https://t.co/YUP9SxlOAw の特権昇格の脆弱性 CVE-2024-49035 Security Vulnerability リリース日: 2024年11月26日 - マイクロソフト https://t.co/YyoFBhmp1X
@kawn2020
27 Nov 2024
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
1 Quote
🚨 CVE-2024-49035: Critical vuln in Microsoft Partner Center's https://t.co/g05k4Z0wqP leads to privilege management issues. Impact: Potential account takeover. Action: Apply patches immediately once available from Microsoft. #CyberSecurity #PartnerCenter
@oktsec
26 Nov 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-49035: HIGH] An improper access control vulnerability in https://t.co/vxEMYyb8CF allows an a unauthenticated attacker to elevate privileges over a network.#cybersecurity,#vulnerability https://t.co/dj1k1IlXgo https://t.co/hxily87LCX
@CveFindCom
26 Nov 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes