Lucene search
K
MicrosoftAzure Logic Apps

4 matches found

CVE
CVE
added 2023/12/12 6:10 p.m.91 views

CVE-2023-36019

The CVE-2023-36019 entry applies to Microsoft Power Platform Connector (Power Platform/Logic Apps/Power Automate). The vulnerability is a Spoofing flaw that could allow an attacker to pretend to be another user via the connector, enabling impersonation with high impact (CVE-2023-36019 CVSS 9.6, e...

9.6CVSS8.3AI score0.16221EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.32 views

CVE-2026-32171

CVE-2026-32171—Azure Logic Apps Elevation of Privilege is confirmed with a high-severity impact (CVSS v3.1 base 8.8) due to insufficiently protected credentials that allow an authorized attacker to obtain elevated privileges over the network. Affected product: Azure Logic Apps. Root cause: insuff...

8.8CVSS5.8AI score0.0044EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.32 views

CVE-2026-42823

Azure Logic Apps is affected by CVE-2026-42823 due to improper access control that may allow an authorized attacker to elevate privileges over a network. The CVSS 3.1 metrics indicate a CRITICAL score (9.9) with network attack vector, low complexity, and privileges required, and impacts to confid...

9.9CVSS5.8AI score0.00601EPSS
CVE
CVE
added 2026/01/22 10:47 p.m.18 views

CVE-2026-21227

The CVE-2026-21227 entry describes a path traversal vulnerability in Azure Logic Apps: improper limitation of a pathname to a restricted directory that could allow an unauthenticated attacker to elevate privileges over a network. The root cause is stated as a pathname restriction flaw in Azure Lo...

9.8CVSS5.4AI score0.00492EPSS