2 matches found
CVE-2024-38194
CVE-2024-38194 represents an Elevation of Privilege vulnerability in Azure Web Apps caused by improper authorization. The CVE is cited as enabling an authenticated attacker to elevate privileges over a network. Connected sources corroborate Azure Web Apps as the affected product and indicate Micr...
CVE-2026-32211
CVE-2026-32211 describes a missing-authentication vulnerability in Azure MCP Server that allows an unauthorized network attacker to disclose information. The NVD entries corroborate a critical impact (CVSS v3.1: 9.1) with high confidentiality and integrity impact, and network attack vector with n...