2 matches found
CVE-2025-21384
CVE-2025-21384 corresponds to an authenticated SSRF (Server-Side Request Forgery) vulnerability in Microsoft Azure Health Bot that can lead to privilege elevation over a network. The advisory notes an authenticated attacker can exploit SSRF to escalate privileges; the CVSS v3.1 base score is 8.8 ...
CVE-2024-38109
CVE-2024-38109 – Azure Health Bot Elevation of Privilege is an authenticated SSRF vulnerability in Microsoft Azure Health Bot that can allow an attacker to elevate privileges over a network. The vulnerability is documented in Microsoft’s advisory (CVE-2024-38109) and is referenced in multiple fee...