7.7
CVE-2025-53781
- EPSS 1.05%
- Veröffentlicht 12.08.2025 17:09:51
- Zuletzt bearbeitet 10.09.2025 14:57:05
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Azure Virtual Machines Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Ecesv6-series Azure Vm Firmware Version-
Microsoft ≫ Dcesv6-series Azure Vm Firmware Version-
Microsoft ≫ Nccadsh100v5-series Azure Vm Firmware Version-
Microsoft ≫ Ecedsv5-series Azure Vm Firmware Version-
Microsoft ≫ Ecesv5-series Azure Vm Firmware Version-
Microsoft ≫ Dcedsv5-series Azure Vm Firmware Version-
Microsoft ≫ Dcesv5-series Azure Vm Firmware Version-
Microsoft ≫ Ecadsv5-series Azure Vm Firmware Version-
Microsoft ≫ Ecasv5-series Azure Vm Firmware Version-
Microsoft ≫ Dcadsv5-series Azure Vm Firmware Version-
Microsoft ≫ Dcasv5-series Azure Vm Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.05% | 0.598 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| secure@microsoft.com | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781