diff --git a/docs/advisories/20240822002-Azure-Managed-Instance-for-Apache-Cassandra-Elevation-of-Privilege-Vulnerability.md b/docs/advisories/20240822002-Microsoft-Publishes-Critical-Advisory.md similarity index 69% rename from docs/advisories/20240822002-Azure-Managed-Instance-for-Apache-Cassandra-Elevation-of-Privilege-Vulnerability.md rename to docs/advisories/20240822002-Microsoft-Publishes-Critical-Advisory.md index aaa9eabd..012088de 100644 --- a/docs/advisories/20240822002-Azure-Managed-Instance-for-Apache-Cassandra-Elevation-of-Privilege-Vulnerability.md +++ b/docs/advisories/20240822002-Microsoft-Publishes-Critical-Advisory.md @@ -1,4 +1,4 @@ -# Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability - 20240822002 +# Microsoft Publishes Critical CVE Advisory - 20240822002 ## Overview @@ -10,8 +10,12 @@ Microsoft publishes critical advisory for Azure Managed Instance for Apache Cass | ------------------------------------------- | ---------------------------------------- | ----------------------------------------------------------------- | ---- | ------------ | | Azure Managed Instance for Apache Cassandra | clusters updated before 20th August 2024 | [CVE-2024-38175](https://www.cve.org/CVERecord?id=CVE-2024-38175) | 9.6 | **Critical** | +## What has been observed? + +Microsoft is aware of functional exploitation in the wild. There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing. + ## Recommendation -The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)): +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)): -- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38175 +- Microsoft CVE article: