Lucene search
K
MicrosoftAzure Functions

5 matches found

CVE
CVE
added 2024/11/26 7:44 p.m.95 views

CVE-2024-49052

CVE-2024-49052 is a Microsoft Azure PolicyWatch elevation-of-privilege vulnerability described as missing authentication for a critical function, enabling a network-based attacker to raise privileges without user interaction. Connected sources corroborate a network-exposed, high-severity issue (C...

9.8CVSS8.2AI score0.00691EPSS
CVE
CVE
added 2025/04/30 5:14 p.m.86 views

CVE-2025-33074

The CVE-2025-33074 entry describes an improper verification of cryptographic signatures in Microsoft Azure Functions, enabling an authenticated attacker to execute code over a network. Several connected sources corroborate the issue across vendors and regions (NVD/NVDC, Red Hat, CNVD, MSRC, PT Se...

8.8CVSS7.6AI score0.00459EPSS
CVE
CVE
added 2024/10/15 10:46 p.m.80 views

CVE-2024-38204

CVE-2024-38204 is an improper access control vulnerability affecting Microsoft Imagine Cup (site). Connected sources confirm an authorized attacker could elevate privileges over a network due to insufficient access control. Microsoft’s MSRC entry and other feeds link this CVE to Microsoft Azure F...

7.5CVSS7AI score0.00961EPSS
CVE
CVE
added 2020/10/16 10:17 p.m.78 views

CVE-2020-16904

CVE-2020-16904 affects Azure Functions where access keys are not validated correctly for HTTP Functions, allowing an unauthenticated attacker to invoke the function without proper authorization. The vulnerability is an elevation of privilege issue tied to HTTP Functions’ access key validation. Mi...

9.8CVSS5.7AI score0.03123EPSS
CVE
CVE
added 2026/02/05 10:13 p.m.47 views

CVE-2026-21532

CVE-2026-21532 relates to an information disclosure vulnerability in Azure Function. Multiple connected sources (Red Hat, ENISA EUVD, CIRCL, NVD, CVE listing, PT Security) identify it as Azure Function Information Disclosure Vulnerability with high impact to confidentiality (CVSS v3.1: 8.2, AV:N,...

8.2CVSS5.3AI score0.00842EPSS