.avif)
View all vulnerabilities
CVE-2024-35255
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Description
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgradingVulnerability Details
Score
5.4
Score Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Versions
azure-identity < 1.16.1; @azure/identity < 4.2.1; com.azure:azure-identity < 1.12.2; @azure/msal-node >= 2.7.0 < 2.9.2; Microsoft.Identity.Client >= 4.49.1 < 4.60.4; github.com/Azure/azure-sdk-for-go/sdk/azidentity < 1.6.0-beta.4.0.20240610221955-50774cd97099; com.microsoft.azure:msal4j >= 1.14.4-beta < 1.15.1; Azure.Identity < 1.11.4; Microsoft.Identity.Client >= 4.61.0 < 4.61.3
Severity
Medium
Medium
Medium
Ecosystem
GO
Publish Date
June 11, 2024
Modified Date
July 22, 2025