Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A spoofing vulnerability in Microsoft Account can be exploited remotely to spoof user interface.
2. An information disclosure vulnerability in Azure Data Explorer can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Azure Entra ID can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Azure Resource Manager can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Azure Front Door can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Azure Logic Apps can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2026-21264
  CVE-2026-21524
  CVE-2026-24305
  CVE-2026-24304
  CVE-2026-24306
  CVE-2026-21227
  

Связанные продукты

• Microsoft-Azure

Список CVE

• CVE-2026-21227
  critical
• CVE-2026-21264
  critical
• CVE-2026-21524
  high
• CVE-2026-24305
  critical
• CVE-2026-24306
  critical
• CVE-2026-24304
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com