9.1
CVE-2026-33117
- EPSS 0.48%
- Veröffentlicht 12.05.2026 16:58:17
- Zuletzt bearbeitet 15.05.2026 18:38:17
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Azure SDK for Java Security Feature Bypass Vulnerability
Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Azure Sdk For Java Version < 4.10.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.376 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-347 Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33117