7 min read
By: RedLegg Blog
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
Identifier: CVE-2022-37968
Exploit or POC: No
Update: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37968
Description: CVE-2022-37968 allows an attacker to achieve elevated privileges to secure administrative control of the Kubernetes cluster. This vulnerability impacts the cluster connect feature found within the Azure Arc-enabled Kubernetes clusters. User interaction and authentication are not required for successful exploitation. Carrying out an exploit for CVE-2022-37968 via internet implies the attacker acquired foreknowledge of the randomly generated external DNS endpoint for an Azure Arc-enabled Kubernetes cluster.
Mitigation Recommendation: Patching is currently the only method of mitigation.
Server Service Remote Protocol Elevation of Privilege Vulnerability
Identifier: CVE-2022-38045
Exploit or POC: No
Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38045
Description: CVE-2022-38045 exclusively allows an attacker to delete files on a targeted system. User interaction is not required to successfully exploit this vulnerability. An attacker would, however, be incapable of modifying or viewing file contents.
Mitigation Recommendation: Patching is currently the only method of mitigation.
Windows COM+ Event System Service Elevation of Privilege Vulnerability
Identifier: CVE-2022-41033
Exploit or POC: Yes (Actively Being Exploited)
Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41033
Description: CVE-2022-41033 presents as an elevation of privileges security flaw. This vulnerability would allow an attacker to secure SYSTEM privileges. User interaction is not required for successful exploitation.
Mitigation Recommendation: Patching is currently the only method of mitigation.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Identifier: CVE-2022-38053
Exploit or POC: No
Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38053
Description: CVE-2022-38053 allows an attacker to execute remote code onto the SharePoint Server. Carrying out this exploit requires the attacker authenticate to the intended site and also secure Manage List permissions on the SharePoint server.
Mitigation Recommendation: Patching is currently the only method of mitigation.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Identifier: CVE-2022-41038
Exploit or POC: No
Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41038
Description: CVE-2022-41038 allows an attacker to execute remote code onto the SharePoint Server. Carrying out this exploit requires the attacker authenticate to the intended site and also secure Manage List permissions on the SharePoint server.
Mitigation Recommendation: Patching is currently the only method of mitigation.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Identifier: CVE-2022-41036
Exploit or POC: No
Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41036
Description: CVE-2022-41036 allows an attacker to execute remote code onto the SharePoint Server. Carrying out this exploit requires the attacker authenticate to the intended site and also secure Manage List permissions on the SharePoint server.
Mitigation Recommendation: Patching is currently the only method of mitigation.
