What is the CVSS score of CVE-2026-21227?

CVE-2026-21227 has a CVSS 3.1 base score of 8.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N. EPSS exploitation probability: 0.1%.

Which versions of Azure are affected by CVE-2026-21227?

CVE-2026-21227 is a high-severity privilege escalation vulnerability in Azure Logic Apps that could allow attackers to gain unauthorized access to sensitive systems and data.. A patch is available.

How to fix or mitigate CVE-2026-21227?

Within 24 hours: Inventory all Azure Logic Apps instances in your environment and assess which are internet-facing or process sensitive data. Within 7 days: Implement network segmentation to restrict Logic Apps access and enable Azure WAF rules to filter malicious path traversal patterns. Within 30 days: Monitor Microsoft security advisories for patch availability and establish a deployment plan; consider temporarily disabling non-critical Logic Apps workflows pending patch release.

Azure CVE-2026-21227

HIGH

Path Traversal (CWE-22)

2026-01-22 secure@microsoft.com

Azure Path Traversal Azure Logic Apps

8.2

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.2 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 22, 2026 - 23:15 nvd

HIGH 8.2

DescriptionCVE.org

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.

AnalysisAI

Privilege escalation in Azure Logic Apps results from improper path validation, enabling remote attackers to gain elevated access without authentication or user interaction. Organizations using Azure Logic Apps are at risk of unauthorized privilege elevation through network-based attacks, with no available patch currently provided.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Send crafted path traversal request

Exploit

Bypass directory restrictions in Logic Apps

Execution

Access restricted files

Impact

Escalate privileges over network

Access

Send crafted path traversal request

Exploit

Bypass directory restrictions in Logic Apps

Execution

Access restricted files

Impact

Escalate privileges over network

Vulnerability AssessmentAI

Exploitation	No special conditions — remote unauthenticated exploitation against default configurations of Azure Logic Apps accessible over network with path traversal vulnerability enabled. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.2 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker without authentication could exploit this vulnerability to compromise the affected system.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Azure Logic Apps instances in your environment and assess which are internet-facing or process sensitive data. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-21227 vulnerability details – vuln.today

Back

Azure CVE-2026-21227

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code