First published: Tue Nov 26 2024(Updated: )
<p>An improper access control vulnerability in <a href="https://partner.microsoft.com/">Partner.Microsoft.com</a> allows an a unauthenticated attacker to elevate privileges over a network.</p>
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Partner Center | ||
Microsoft Partner Center | ||
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-49035 has been rated as a high severity vulnerability due to its potential for unauthorized privilege escalation.
To mitigate CVE-2024-49035, ensure that your Microsoft Partner Center is updated to the latest version that addresses this access control issue.
CVE-2024-49035 affects users and administrators of Microsoft Partner Center who do not have proper access control configurations.
Yes, an unauthenticated attacker can exploit CVE-2024-49035 over a network to elevate privileges.
CVE-2024-49035 can facilitate attacks such as privilege escalation, allowing attackers to gain unauthorized access to sensitive functions within Partner.Microsoft.com.