CVE Published: 26/11/2024 |
CVE Updated: 27/11/2024 |
CVE Year: 2024 Source: microsoft |
Vendor: Microsoft |
Product: Microsoft Partner Center Status : PUBLISHED
CVE-2024-49035 Description
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
Metrics
CVSS Version: 3.1 |
Base Score: 8.7 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C