CVE-2023-21703 MEDIUM

CVE-2023-21703: Azure Data Box Gateway Remote Code Execution Vulnerability

Vendor Microsoft
Product Azure Data Box Gateway
Weakness CWE-502 · Unsafe deserialization
Published February 14, 2023
Last update January 1, 2025
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

What the vulnerability does

01Description

Azure Data Box Gateway Remote Code Execution Vulnerability

Key dates

02Disclosure timeline

February 14, 2023 CVE published
January 1, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-13770 Puzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Unauthenticated PHP Object Injection CVE-2024-50507 WordPress DS.DownloadList plugin <= 1.3 - PHP Object Injection vulnerability CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files CVE-2025-32572 WordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerability CVE-2025-62515 Remote Code Execution by Pickle Deserialization via FlightServer in pyquokka