Vulnerability-Lookup

WID-SEC-W-2026-1486

Vulnerability from csaf_certbund - Published: 2026-05-12 22:00 - Updated: 2026-05-12 22:00

Summary

Microsoft Azure und Windows Admin Center: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Azure ist eine Cloud Computing-Plattform von Microsoft. Microsoft Windows Admin Center ist ein webbasiertes Tool zur Verwaltung von Windows Servern, Clustern und PCs.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure und Microsoft Windows Admin Center ausnutzen, um seine Privilegien zu erhöhen, um falsche Informationen darzustellen, und um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2026-32204

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-33117

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-33833

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-40381

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-41086

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-41103

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-42823

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

CVE-2026-42830

Affected products

Known affected 11 products

Product	Identifier	Version
Microsoft Azure Monitor Agent Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent`	Monitor Agent
Microsoft Azure Connected Machine Agent Microsoft / Azure	`cpe:/a:microsoft:azure:connected_machine_agent`	Connected Machine Agent
Microsoft Azure Machine Learning Microsoft / Azure	`cpe:/a:microsoft:azure:machine_learning`	Machine Learning
Microsoft Azure Monitor Action Group notification system Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_action_group_notification_system`	Monitor Action Group notification system
Microsoft Azure Logic Apps Microsoft / Azure	`cpe:/a:microsoft:azure:logic_apps`	Logic Apps
Microsoft Azure Monitor Agent Metrics Extension Microsoft / Azure	`cpe:/a:microsoft:azure:monitor_agent_metrics_extension`	Monitor Agent Metrics Extension
Microsoft Azure SDK for Java Microsoft / Azure	`cpe:/a:microsoft:azure:sdk_for_java`	SDK for Java
Microsoft Windows Admin Center in Azure Portal Microsoft / Windows Admin Center	`cpe:/a:microsoft:windows_admin_center:in_azure_portal`	in Azure Portal
Microsoft Azure Cloud Shell Microsoft / Azure	`cpe:/a:microsoft:azure:cloud_shell`	Cloud Shell
Microsoft Azure Managed Instance for Apache Cassandra Microsoft / Azure	`cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra`	Managed Instance for Apache Cassandra
Microsoft Azure AI Foundry Microsoft / Azure	`cpe:/a:microsoft:azure:ai_foundry`	AI Foundry

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://msrc.microsoft.com/update-guide/	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Azure ist eine Cloud Computing-Plattform von Microsoft.\r\nMicrosoft Windows Admin Center ist ein webbasiertes Tool zur Verwaltung von Windows Servern, Clustern und PCs.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure und Microsoft Windows Admin Center ausnutzen, um seine Privilegien zu erh\u00f6hen, um falsche Informationen darzustellen, und um Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1486 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1486.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1486 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1486"
      },
      {
        "category": "external",
        "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
        "url": "https://msrc.microsoft.com/update-guide/"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Azure und Windows Admin Center: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-05-12T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-13T08:23:54.934+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-1486",
      "initial_release_date": "2026-05-12T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-12T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "SDK for Java",
                "product": {
                  "name": "Microsoft Azure SDK for Java",
                  "product_id": "T053865",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:sdk_for_java"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Machine Learning",
                "product": {
                  "name": "Microsoft Azure Machine Learning",
                  "product_id": "T053866",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:machine_learning"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Logic Apps",
                "product": {
                  "name": "Microsoft Azure Logic Apps",
                  "product_id": "T053867",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:logic_apps"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Connected Machine Agent",
                "product": {
                  "name": "Microsoft Azure Connected Machine Agent",
                  "product_id": "T053869",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:connected_machine_agent"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Monitor Agent",
                "product": {
                  "name": "Microsoft Azure Monitor Agent",
                  "product_id": "T053870",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:monitor_agent"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Managed Instance for Apache Cassandra",
                "product": {
                  "name": "Microsoft Azure Managed Instance for Apache Cassandra",
                  "product_id": "T053871",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:managed_instance_for_apache_cassandra"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "AI Foundry",
                "product": {
                  "name": "Microsoft Azure AI Foundry",
                  "product_id": "T053872",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:ai_foundry"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Cloud Shell",
                "product": {
                  "name": "Microsoft Azure Cloud Shell",
                  "product_id": "T053874",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:cloud_shell"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Monitor Agent Metrics Extension",
                "product": {
                  "name": "Microsoft Azure Monitor Agent Metrics Extension",
                  "product_id": "T053875",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:monitor_agent_metrics_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Monitor Action Group notification system",
                "product": {
                  "name": "Microsoft Azure Monitor Action Group notification system",
                  "product_id": "T053877",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:azure:monitor_action_group_notification_system"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Azure"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "in Azure Portal",
                "product": {
                  "name": "Microsoft Windows Admin Center in Azure Portal",
                  "product_id": "T053873",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:windows_admin_center:in_azure_portal"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Admin Center"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-32204",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-32204"
    },
    {
      "cve": "CVE-2026-33117",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-33117"
    },
    {
      "cve": "CVE-2026-33833",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-33833"
    },
    {
      "cve": "CVE-2026-40381",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-40381"
    },
    {
      "cve": "CVE-2026-41086",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-41086"
    },
    {
      "cve": "CVE-2026-41103",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-41103"
    },
    {
      "cve": "CVE-2026-42823",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-42823"
    },
    {
      "cve": "CVE-2026-42830",
      "product_status": {
        "known_affected": [
          "T053870",
          "T053869",
          "T053866",
          "T053877",
          "T053867",
          "T053875",
          "T053865",
          "T053873",
          "T053874",
          "T053871",
          "T053872"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-42830"
    }
  ]
}

CVE-2026-32204 (GCVE-0-2026-32204)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:58 – Updated: 2026-06-09 19:32

Title

Azure Monitor Agent Elevation of Privilege Vulnerability

Summary

External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-73 - External Control of File Name or Path

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Monitor	Affected: 1.0.0 , < 1.14.0 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32204",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T03:56:09.067750Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T10:18:39.999Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Monitor",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.14.0",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_monitor_agent:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.14.0",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73: External Control of File Name or Path",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:32:29.756Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Monitor Agent Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32204"
        }
      ],
      "title": "Azure Monitor Agent Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-32204",
    "datePublished": "2026-05-12T16:58:14.563Z",
    "dateReserved": "2026-03-11T01:49:58.658Z",
    "dateUpdated": "2026-06-09T19:32:29.756Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33117 (GCVE-0-2026-33117)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:58 – Updated: 2026-06-09 19:32

Title

Azure SDK for Java Security Feature Bypass Vulnerability

Summary

The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6.

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-287 - Improper Authentication
CWE-347 - Improper Verification of Cryptographic Signature

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure SDK for Java	Affected: 1.0.0 , < 4.10.6 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33117",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T03:57:37.128659Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T10:17:55.151Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure SDK for Java",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.10.6",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_sdk_for_java:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.10.6",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en-US",
              "type": "CWE"
            },
            {
              "cweId": "CWE-347",
              "description": "CWE-347: Improper Verification of Cryptographic Signature",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:32:31.006Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure SDK for Java Security Feature Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33117"
        }
      ],
      "title": "Azure SDK for Java Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-33117",
    "datePublished": "2026-05-12T16:58:17.299Z",
    "dateReserved": "2026-03-17T20:15:23.721Z",
    "dateUpdated": "2026-06-09T19:32:31.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33833 (GCVE-0-2026-33833)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Azure Machine Learning Notebook Spoofing Vulnerability

Summary

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Machine Learning	Affected: 3.0.0 , < 1.7.6 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33833",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T10:13:09.603213Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T10:25:40.211Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Machine Learning",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.7.6",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_machine_learning:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.7.6",
                  "versionStartIncluding": "3.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper neutralization of special elements in output used by a downstream component (\u0027injection\u0027) in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:17.758Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Machine Learning Notebook Spoofing Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33833"
        }
      ],
      "title": "Azure Machine Learning Notebook Spoofing Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-33833",
    "datePublished": "2026-05-12T16:59:08.705Z",
    "dateReserved": "2026-03-24T00:52:01.353Z",
    "dateUpdated": "2026-06-09T19:33:17.758Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40381 (GCVE-0-2026-40381)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Summary

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Connected Machine Agent	Affected: 1.0.0 , < 1.63 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40381",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T03:56:00.470731Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T10:02:10.059Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Connected Machine Agent",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.63",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_connected_machine_agent:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.63",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:39.699Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Connected Machine Agent Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40381"
        }
      ],
      "title": "Azure Connected Machine Agent Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-40381",
    "datePublished": "2026-05-12T16:59:31.291Z",
    "dateReserved": "2026-04-11T23:06:15.616Z",
    "dateUpdated": "2026-06-09T19:33:39.699Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-41086 (GCVE-0-2026-41086)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Summary

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Windows Admin Center in Azure Portal	Affected: 1.0 , < 0.76.0.0 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-41086",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-07T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T03:57:14.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows Admin Center in Azure Portal",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "0.76.0.0",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_portal_windows_admin_center:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "0.76.0.0",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:38.461Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41086"
        }
      ],
      "title": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-41086",
    "datePublished": "2026-05-12T16:59:30.087Z",
    "dateReserved": "2026-04-16T19:12:36.194Z",
    "dateUpdated": "2026-06-09T19:33:38.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-41103 (GCVE-0-2026-41103)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

Summary

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-303 - Incorrect Implementation of Authentication Algorithm

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

2 products

Vendor	Product	Version
Microsoft	Microsoft Confluence SAML SSO plugin	Affected: 1.0.0 , < 7.4.0 (custom)
Microsoft	Microsoft JIRA SAML SSO plugin	Affected: 1.0.0 , < 1.3.3 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-41103",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-07T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T03:57:32.000Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Confluence SAML SSO plugin",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.4.0",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft JIRA SAML SSO plugin",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.3.3",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:jira_saml_sso_plugin:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.3.3",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:confluence_saml_sso_plugin:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.4.0",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira \u0026amp; Confluence allows an unauthorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-303",
              "description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:40.319Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft SSO Plugin for Jira \u0026 Confluence Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41103"
        }
      ],
      "title": "Microsoft SSO Plugin for Jira \u0026 Confluence Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-41103",
    "datePublished": "2026-05-12T16:59:32.156Z",
    "dateReserved": "2026-04-16T19:12:36.195Z",
    "dateUpdated": "2026-06-09T19:33:40.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42823 (GCVE-0-2026-42823)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Azure Logic Apps Elevation of Privilege Vulnerability

Summary

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Severity

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Logic Apps	Affected: -

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-07T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T03:56:04.690Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Logic Apps",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_logic_apps:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:41.413Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Logic Apps Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42823"
        }
      ],
      "title": "Azure Logic Apps Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-42823",
    "datePublished": "2026-05-12T16:59:33.549Z",
    "dateReserved": "2026-04-30T14:51:12.702Z",
    "dateUpdated": "2026-06-09T19:33:41.413Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42830 (GCVE-0-2026-42830)

Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-06-09 19:33

Title

Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability

Summary

Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-426 - Untrusted Search Path

Assigner

microsoft

References

1 reference

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
Microsoft	Azure Monitor Agent Metrics Extension	Affected: 1.0.0 , < 1.42.0 (custom)

Date Public

2026-05-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42830",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T03:56:26.913051Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T10:01:55.104Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Azure Monitor Agent Metrics Extension",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.42.0",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:azure_monitor_agent_metrics_extension:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.42.0",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-05-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T19:33:42.161Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42830"
        }
      ],
      "title": "Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-42830",
    "datePublished": "2026-05-12T16:59:34.229Z",
    "dateReserved": "2026-04-30T14:51:12.703Z",
    "dateUpdated": "2026-06-09T19:33:42.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1486

CVE-2026-32204 (GCVE-0-2026-32204)

CVE-2026-33117 (GCVE-0-2026-33117)

CVE-2026-33833 (GCVE-0-2026-33833)

CVE-2026-40381 (GCVE-0-2026-40381)

CVE-2026-41086 (GCVE-0-2026-41086)

CVE-2026-41103 (GCVE-0-2026-41103)

CVE-2026-42823 (GCVE-0-2026-42823)

CVE-2026-42830 (GCVE-0-2026-42830)

Tags

Sightings

Nomenclature