Descripción
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
- A spoofing vulnerability in Microsoft Account can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Azure Data Explorer can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Azure Entra ID can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Resource Manager can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Front Door can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Logic Apps can be exploited remotely to gain privileges.
Notas informativas originales
Explotación
Public exploits exist for this vulnerability.
Productos relacionados
Lista CVE
- CVE-2026-21227 critical
- CVE-2026-21264 high
- CVE-2026-21524 high
- CVE-2026-24305 critical
- CVE-2026-24306 critical
- CVE-2026-24304 critical
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!