CVE-2026-32173

| EUVD-2026-18558 HIGH
2026-04-03 [email protected]
8.6
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Apr 03, 2026 - 00:22 vuln.today
EUVD ID Assigned
Apr 03, 2026 - 00:22 euvd
EUVD-2026-18558
CVE Published
Apr 03, 2026 - 00:16 nvd
HIGH 8.6

Tags

Microsoft Authentication Bypass

Description

Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.

Analysis

Information disclosure in Azure SRE Agent can be exploited by remote unauthenticated attackers via improper authentication mechanisms. The vulnerability carries an 8.6 CVSS score with network attack vector requiring low complexity and no user interaction, enabling attackers to extract high-confidentiality data with scope change impact. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Identify and inventory all Azure SRE Agent deployments in production environments and confirm affected versions. Within 7 days: Implement network segmentation to restrict Azure SRE Agent access to authorized administrative networks only, and enable comprehensive logging of all SRE Agent communications. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

43
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +43
POC: 0

Share

CVE-2026-32173 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy