Search
Find a vulnerability
Search criteria
2 vulnerabilities found for ipam by Azure
CVE-2024-21638 (GCVE-0-2024-21638)
Vulnerability from nvd – Published: 2024-01-10 21:44 – Updated: 2025-06-03 14:27
VLAI
Title
Azure IPAM solution Elevation of Privilege Vulnerability
Summary
Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers' Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/Azure/ipam/security/advisories… | x_refsource_CONFIRM |
| https://github.com/Azure/ipam/pull/218 | x_refsource_MISC |
| https://github.com/Azure/ipam/commit/64ef2d07edf1… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:35.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6"
},
{
"name": "https://github.com/Azure/ipam/pull/218",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/pull/218"
},
{
"name": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:41:13.322757Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:27:29.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ipam",
"vendor": "Azure",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers\u0027 Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-10T21:44:23.080Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6"
},
{
"name": "https://github.com/Azure/ipam/pull/218",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Azure/ipam/pull/218"
},
{
"name": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f"
}
],
"source": {
"advisory": "GHSA-m8mp-jq4c-g8j6",
"discovery": "UNKNOWN"
},
"title": "Azure IPAM solution Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21638",
"datePublished": "2024-01-10T21:44:23.080Z",
"dateReserved": "2023-12-29T03:00:44.957Z",
"dateUpdated": "2025-06-03T14:27:29.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21638 (GCVE-0-2024-21638)
Vulnerability from cvelistv5 – Published: 2024-01-10 21:44 – Updated: 2025-06-03 14:27
VLAI
Title
Azure IPAM solution Elevation of Privilege Vulnerability
Summary
Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers' Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/Azure/ipam/security/advisories… | x_refsource_CONFIRM |
| https://github.com/Azure/ipam/pull/218 | x_refsource_MISC |
| https://github.com/Azure/ipam/commit/64ef2d07edf1… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:35.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6"
},
{
"name": "https://github.com/Azure/ipam/pull/218",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/pull/218"
},
{
"name": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:41:13.322757Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:27:29.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ipam",
"vendor": "Azure",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers\u0027 Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-10T21:44:23.080Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6"
},
{
"name": "https://github.com/Azure/ipam/pull/218",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Azure/ipam/pull/218"
},
{
"name": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f"
}
],
"source": {
"advisory": "GHSA-m8mp-jq4c-g8j6",
"discovery": "UNKNOWN"
},
"title": "Azure IPAM solution Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21638",
"datePublished": "2024-01-10T21:44:23.080Z",
"dateReserved": "2023-12-29T03:00:44.957Z",
"dateUpdated": "2025-06-03T14:27:29.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}