# [CVE-2024-32651] changedetection < 0.45.20 - Remote Code Execution (RCE) On the target machine, Changedetection v 0.45.1 is running. A quick search on exploit DB will give the RCE. https://www.exploit-db.com/exploits/52027 Run the exploit code Where IP is the attacker IP and port is the listening port of the attacker. We got the root access.
An availability set is a logical grouping of two or more VMs that helps to keep the application hosted in the Azure cloud, available during planned or unplanned maintenance.
Planned events such as patch security vulnerabilities, improve performance, and add or update features can be considered as a Planned Maintenance. Where as, an unplanned maintenance are events that involves a hardware failure in the data center, or a power outage or a disk failure etc. On such events, cloud providers needs to ensure that their customers are not affected by any of these events. To achieve this in the Azure cloud, one of the method is to use availability sets. VMs that are part of an availability set automatically switch to a working physical server so the VM continues to run. The group of virtual machines that share common hardware are in the same fault domain. A fault domain is essentially a rack of servers. It provides the physical separation of your workload across different power, cooling, and network hardware that support the physical servers in the data center server racks. In the event the hardware that supports a server rack becomes unavailable, only that rack of servers is affected by the outage.
For example, during the monthly patching activity, the VMs are required to reboot. Using Availability Sets, one VM can be rebooted at a time and the other will be up achieving fault tolerance and zero downtime.