CVE-2023-36052

high

Description

Azure CLI REST Command Information Disclosure Vulnerability

References

Advisories
References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052

https://www.scmagazine.com/brief/credential-exposure-possible-with-cloud-cli-tool-vulnerability

https://thehackernews.com/2024/04/aws-google-and-azure-cli-tools-could.html

https://orca.security/resources/blog/leakycli-aws-google-cloud-command-line-tools-can-expose-sensitive-credentials-build-logs/

Details

Source: Mitre, NVD

Published: 2023-11-14

Updated: 2024-05-29

Named Vulnerability: LeakyCLI

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.02056