Lucene search
K
MicrosoftAzure Automation

4 matches found

CVE
CVE
added 2024/03/12 4:57 p.m.258 views

CVE-2024-21330

CVE-2024-21330 describes an elevation-of-privilege vulnerability in Microsoft’s Open Management Infrastructure (OMI). Public sources indicate this affects OMI alongside related System Center/OMS components, allowing an attacker with local access to obtain elevated privileges. The impact is descri...

7.8CVSS7.7AI score0.00988EPSS
CVE
CVE
added 2019/07/15 6:56 p.m.150 views

CVE-2019-0962

CVE-2019-0962 affects Azure Automation: an elevation-of-privilege vulnerability in the RunAs account runbooks that can let members with the contributor role access Key Vault secrets via a RunAs account. The root cause is misconfigured RunAs role assignments that inadvertently expose Key Vault acc...

4.9CVSS5.9AI score0.04293EPSS
CVE
CVE
added 2025/05/08 10:17 p.m.98 views

CVE-2025-29827

CVE-2025-29827 — Azure Automation Elevation of Privilege : The Azure Automation service is affected by an improper authorization vulnerability that can allow an authenticated attacker to elevate privileges over the network. Public sources in the provided documents indicate updates/fixes have been...

9.9CVSS8.4AI score0.01249EPSS
CVE
CVE
added 2021/11/24 1:5 a.m.94 views

CVE-2021-42306

CVE-2021-42306 describes an information-disclosure vulnerability in Azure AD where private key data uploaded as part of a certificate in the keyCredential of an Application or Service Principal could be read by an entity with application read access in the tenant. The root cause is the handling o...

8.1CVSS6.7AI score0.03082EPSS