8.1
CVE-2026-26148
- EPSS 0.06%
- Veröffentlicht 10.03.2026 17:05:14
- Zuletzt bearbeitet 13.03.2026 17:03:19
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Azure Ad Ssh Login Extension For Linux Version >= 1.0.0 < 1.0.033370002
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.175 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 8.1 | 1.4 | 6 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|
CWE-454 External Initialization of Trusted Variables or Data Stores
The product initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.