Vulnerability-Lookup

WID-SEC-W-2026-0201

Vulnerability from csaf_certbund - Published: 2026-01-22 23:00 - Updated: 2026-01-25 23:00

Summary

Microsoft Azure, Copilot und Entra: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Azure ist eine Cloud Computing-Plattform von Microsoft. Microsoft Copilot ist ein KI-Assistent, der in verschiedene Microsoft-Produkte integriert werden kann. Microsoft Entra ID (früher Azure Active Directory) ist ein cloudbasierter Identitäts- und Zugriffsverwaltungsdienst von Microsoft.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Microsoft Azure, Microsoft 365 Copilot und Microsoft Entra ausnutzen, um seine Privilegien zu erhöhen, Cross-Site-Scripting-Angriffe durchzuführen und vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2026-21227

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-21264

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-21521

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-21524

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-24304

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-24305

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-24306

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

CVE-2026-24307

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Azure Account Microsoft / Azure	`cpe:/a:microsoft:azure:account`	Account
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Data Explorer Microsoft / Azure	`cpe:/a:microsoft:azure:data_explorer`	Data Explorer
Microsoft 365 Copilot Word Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:word`	Word
Microsoft Entra ID Microsoft / Entra	`cpe:/a:microsoft:entra:id`	ID
Microsoft Azure Resource Manager Microsoft / Azure	`cpe:/a:microsoft:azure:resource_manager`	Resource Manager
Microsoft 365 Copilot Microsoft / 365 Copilot	`cpe:/a:microsoft:365_copilot:-`	—
Microsoft Azure Front Door Microsoft / Azure	`cpe:/a:microsoft:azure:front_door`	Front Door

References

11 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://msrc.microsoft.com/update-guide/	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external
https://msrc.microsoft.com/update-guide/vulnerabi…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Azure ist eine Cloud Computing-Plattform von Microsoft.\r\nMicrosoft Copilot ist ein KI-Assistent, der in verschiedene Microsoft-Produkte integriert werden kann.\r\nMicrosoft Entra ID (fr\u00fcher Azure Active Directory) ist ein cloudbasierter Identit\u00e4ts- und Zugriffsverwaltungsdienst von Microsoft.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Microsoft Azure, Microsoft 365 Copilot und Microsoft Entra ausnutzen, um seine Privilegien zu erh\u00f6hen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren und vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0201 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0201.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0201 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0201"
      },
      {
        "category": "external",
        "summary": "Microsoft Security Update Guide vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/"
      },
      {
        "category": "external",
        "summary": "Azure Logic Apps Elevation of Privilege Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21227"
      },
      {
        "category": "external",
        "summary": "Microsoft Account Spoofing Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21264"
      },
      {
        "category": "external",
        "summary": "Word Copilot Information Disclosure Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21521"
      },
      {
        "category": "external",
        "summary": "Azure Data Explorer Information Disclosure Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21524"
      },
      {
        "category": "external",
        "summary": "Azure Resource Manager Elevation of Privilege Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24304"
      },
      {
        "category": "external",
        "summary": "Azure Entra ID Elevation of Privilege Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24305"
      },
      {
        "category": "external",
        "summary": "Azure Front Door Elevation of Privilege Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24306"
      },
      {
        "category": "external",
        "summary": "M365 Copilot Information Disclosure Vulnerability vom 2026-01-22",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Azure, Copilot und Entra: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-01-25T23:00:00.000+00:00",
      "generator": {
        "date": "2026-01-26T09:06:10.525+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0201",
      "initial_release_date": "2026-01-22T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-22T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-01-25T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-4507, EUVD-2026-4498, EUVD-2026-4497, EUVD-2026-4506, EUVD-2026-4501, EUVD-2026-4496, EUVD-2026-4494, EUVD-2026-4493"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Word",
                "product": {
                  "name": "Microsoft 365 Copilot Word",
                  "product_id": "T050272",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:365_copilot:word"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft 365 Copilot",
                "product": {
                  "name": "Microsoft 365 Copilot",
                  "product_id": "T050277",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:365_copilot:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "365 Copilot"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Logic Apps",
                "product": {
                  "name": "Microsoft Azure Logic Apps",
                  "product_id": "T050270",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:logic_apps"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Account",
                "product": {
                  "name": "Microsoft Azure Account",
                  "product_id": "T050271",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:account"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Data Explorer",
                "product": {
                  "name": "Microsoft Azure Data Explorer",
                  "product_id": "T050273",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:data_explorer"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Resource Manager",
                "product": {
                  "name": "Microsoft Azure Resource Manager",
                  "product_id": "T050274",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:resource_manager"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Front Door",
                "product": {
                  "name": "Microsoft Azure Front Door",
                  "product_id": "T050276",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:front_door"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Azure"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ID",
                "product": {
                  "name": "Microsoft Entra ID",
                  "product_id": "T050275",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:entra:id"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Entra"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-21227",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-21227"
    },
    {
      "cve": "CVE-2026-21264",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-21264"
    },
    {
      "cve": "CVE-2026-21521",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-21521"
    },
    {
      "cve": "CVE-2026-21524",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-21524"
    },
    {
      "cve": "CVE-2026-24304",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-24304"
    },
    {
      "cve": "CVE-2026-24305",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-24305"
    },
    {
      "cve": "CVE-2026-24306",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-24306"
    },
    {
      "cve": "CVE-2026-24307",
      "product_status": {
        "known_affected": [
          "T050271",
          "T050270",
          "T050273",
          "T050272",
          "T050275",
          "T050274",
          "T050277",
          "T050276"
        ]
      },
      "release_date": "2026-01-22T23:00:00.000+00:00",
      "title": "CVE-2026-24307"
    }
  ]
}

CVE-2026-21227 (GCVE-0-2026-21227)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Azure Logic Apps Elevation of Privilege Vulnerability

Summary

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Logic Apps	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21227",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-23T20:08:10.503780Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-23T20:08:20.644Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Logic Apps",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_logic_apps:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:26.311Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Logic Apps Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21227"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Azure Logic Apps Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21227",
    "datePublished": "2026-01-22T22:47:37.562Z",
    "dateReserved": "2025-12-11T21:02:05.732Z",
    "dateUpdated": "2026-04-01T13:49:26.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21264 (GCVE-0-2026-21264)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Microsoft Account Spoofing Vulnerability

Summary

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.

Severity

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Microsoft Account	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21264",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-24T04:55:22.864646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:29.038Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Account",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:micrososft_account:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) in Microsoft Account allows an unauthorized attacker to perform spoofing over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:27.520Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Account Spoofing Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21264"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Microsoft Account Spoofing Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21264",
    "datePublished": "2026-01-22T22:47:38.744Z",
    "dateReserved": "2025-12-11T21:02:05.738Z",
    "dateUpdated": "2026-04-01T13:49:27.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21521 (GCVE-0-2026-21521)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Word Copilot Information Disclosure Vulnerability

Summary

Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Microsoft 365 Word Copilot	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21521",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-23T20:02:03.925450Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-23T20:02:15.843Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft 365 Word Copilot",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:365_word_copilot:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-150",
              "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:27.034Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Word Copilot Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21521"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Word Copilot Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21521",
    "datePublished": "2026-01-22T22:47:38.118Z",
    "dateReserved": "2025-12-30T18:10:54.846Z",
    "dateUpdated": "2026-04-01T13:49:27.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21524 (GCVE-0-2026-21524)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Azure Data Explorer Information Disclosure Vulnerability

Summary

Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Data Explorer	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21524",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-23T20:07:40.157571Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-23T20:07:51.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Data Explorer",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_data_explorer:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:24.473Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Data Explorer Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21524"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Azure Data Explorer Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21524",
    "datePublished": "2026-01-22T22:47:35.505Z",
    "dateReserved": "2025-12-30T18:10:54.846Z",
    "dateUpdated": "2026-04-01T13:49:24.473Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24304 (GCVE-0-2026-24304)

Vulnerability from cvelistv5 – Published: 2026-01-23 01:18 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Azure Resource Manager Elevation of Privilege Vulnerability

Summary

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

Severity

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Resource Manager	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24304",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-24T04:55:28.473489Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:28.551Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Resource Manager",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_resource_manager:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:23.361Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Resource Manager Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24304"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Azure Resource Manager Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-24304",
    "datePublished": "2026-01-23T01:18:55.469Z",
    "dateReserved": "2026-01-21T21:28:02.969Z",
    "dateUpdated": "2026-04-01T13:49:23.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24305 (GCVE-0-2026-24305)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Azure Entra ID Elevation of Privilege Vulnerability

Summary

Azure Entra ID Elevation of Privilege Vulnerability

Severity

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-285 - Improper Authorization

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Microsoft Entra	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24305",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-24T04:55:14.567230Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:29.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Entra",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:microsoft_entra_id:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Azure Entra ID Elevation of Privilege Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:25.092Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Entra ID Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24305"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Azure Entra ID Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-24305",
    "datePublished": "2026-01-22T22:47:36.181Z",
    "dateReserved": "2026-01-21T21:28:02.969Z",
    "dateUpdated": "2026-04-01T13:49:25.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24306 (GCVE-0-2026-24306)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

Azure Front Door Elevation of Privilege Vulnerability

Summary

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Front Door	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24306",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-24T04:55:21.353118Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:30.329Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Front Door",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_front_door:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:23.912Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Front Door Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24306"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Azure Front Door Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-24306",
    "datePublished": "2026-01-22T22:47:34.942Z",
    "dateReserved": "2026-01-21T21:28:02.969Z",
    "dateUpdated": "2026-04-01T13:49:23.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24307 (GCVE-0-2026-24307)

Vulnerability from cvelistv5 – Published: 2026-01-22 22:47 – Updated: 2026-04-01 13:49 Exclusively Hosted Service

Title

M365 Copilot Information Disclosure Vulnerability

Summary

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Severity

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-1287 - Improper Validation of Specified Type of Input

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Microsoft 365 Copilot	Affected: -

Date Public

2026-01-22 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24307",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-24T04:55:15.704128Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:29.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft 365 Copilot",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-22T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:49:25.685Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "M365 Copilot Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "M365 Copilot Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-24307",
    "datePublished": "2026-01-22T22:47:36.934Z",
    "dateReserved": "2026-01-21T21:28:02.969Z",
    "dateUpdated": "2026-04-01T13:49:25.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-0201

CVE-2026-21227 (GCVE-0-2026-21227)

CVE-2026-21264 (GCVE-0-2026-21264)

CVE-2026-21521 (GCVE-0-2026-21521)

CVE-2026-21524 (GCVE-0-2026-21524)

CVE-2026-24304 (GCVE-0-2026-24304)

CVE-2026-24305 (GCVE-0-2026-24305)

CVE-2026-24306 (GCVE-0-2026-24306)

CVE-2026-24307 (GCVE-0-2026-24307)

Tags

Sightings

Nomenclature