4 matches found
CVE-2024-21330
CVE-2024-21330 describes an elevation-of-privilege vulnerability in Microsoft’s Open Management Infrastructure (OMI). Public sources indicate this affects OMI alongside related System Center/OMS components, allowing an attacker with local access to obtain elevated privileges. The impact is descri...
CVE-2019-0962
CVE-2019-0962 affects Azure Automation: an elevation-of-privilege vulnerability in the RunAs account runbooks that can let members with the contributor role access Key Vault secrets via a RunAs account. The root cause is misconfigured RunAs role assignments that inadvertently expose Key Vault acc...
CVE-2025-29827
CVE-2025-29827 — Azure Automation Elevation of Privilege : The Azure Automation service is affected by an improper authorization vulnerability that can allow an authenticated attacker to elevate privileges over the network. Public sources in the provided documents indicate updates/fixes have been...
CVE-2021-42306
CVE-2021-42306 describes an information-disclosure vulnerability in Azure AD where private key data uploaded as part of a certificate in the keyCredential of an Application or Service Principal could be read by an entity with application read access in the tenant. The root cause is the handling o...