6.5
CVE-2026-21528
- EPSS 0.1%
- Veröffentlicht 10.02.2026 18:16:35
- Zuletzt bearbeitet 19.02.2026 17:24:48
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginAzure IoT Explorer Information Disclosure Vulnerability
Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Azure Iot Explorer Version < 0.15.13
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.273 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-1327 Binding to an Unrestricted IP Address
The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.