17 matches found
EUVD-2025-9061
Malicious code in bioql PyPI...
CVE-2025-21384
An authenticated attacker can exploit an Server-Side Request Forgery SSRF vulnerability in Microsoft Azure Health Bot to elevate privileges over a network...
CVE-2025-21384
An authenticated attacker can exploit an Server-Side Request Forgery SSRF vulnerability in Microsoft Azure Health Bot to elevate privileges over a network...
CVE-2025-21384
CVE-2025-21384 corresponds to an authenticated SSRF (Server-Side Request Forgery) vulnerability in Microsoft Azure Health Bot that can lead to privilege elevation over a network. The advisory notes an authenticated attacker can exploit SSRF to escalate privileges; the CVSS v3.1 base score is 8.8 ...
CVE-2025-21384 Azure Health Bot Elevation of Privilege Vulnerability
...
CVE-2025-21384 Azure Health Bot Elevation of Privilege Vulnerability
...
Azure Health Bot Elevation of Privilege Vulnerability
An authenticated attacker can exploit an Server-Side Request Forgery SSRF vulnerability in Microsoft Azure Health Bot to elevate privileges over a network...
Microsoft Azure Health Bot 安全漏洞
Microsoft Azure Health Bot is an Artificial Intelligence-based service from Microsoft Corporation USA designed to provide automated chatbot solutions for healthcare. A security vulnerability exists in Microsoft Azure Health Bot. An attacker exploiting the vulnerability can elevate privileges...
KLA82171 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Playwright can be exploited remotely to gain...
PT-2025-14011 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft Azure Health Bot affected versions not specified Microsoft SharePoint Server affected versions not specified Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability. An authenticated attacker can exploi...
The vulnerability of the Azure Health Bot, a tool for creating and deploying intelligent chatbots in the healthcare sector, lies in the insufficient verification of incoming requests. This allows attackers to increase their privileges.
The vulnerability of the tool for creating and deploying intelligent chatbots in the healthcare domain, Azure Health Bot, is related to insufficient verification of incoming requests. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
Vulnerabilities fixed in Microsoft Azure components
Microsoft has fixed vulnerabilities in several Azure components. A malicious party can exploit the vulnerabilities to grant themselves elevated privileges or impersonate another user. For successful abuse, the malicious party needs prior access to the vulnerable environment, or the malicious part...
CVE-2024-38109
An authenticated attacker can exploit an Server-Side Request Forgery SSRF vulnerability in Microsoft Azure Health Bot to elevate privileges over a network...
CVE-2024-38109
CVE-2024-38109 – Azure Health Bot Elevation of Privilege is an authenticated SSRF vulnerability in Microsoft Azure Health Bot that can allow an attacker to elevate privileges over a network. The vulnerability is documented in Microsoft’s advisory (CVE-2024-38109) and is referenced in multiple fee...
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
Cybersecurity researchers have discovered two security flaws in Microsoft's Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data. The critical issues, now patched by Microsoft, could...
Azure Health Bot Elevation of Privilege Vulnerability
An authenticated attacker can exploit an Server-Side Request Forgery SSRF vulnerability in Microsoft Azure Health Bot to elevate privileges over a network...
PT-2024-5743
Name of the Vulnerable Software and Affected Versions Microsoft Azure Health Bot affected versions not specified Description The issue is related to insufficient validation of incoming requests in Microsoft Azure Health Bot, which can be exploited by an authenticated attacker to elevate privilege...