Skip to main content

Azure OpenAI CVE-2026-45499

| EUVDEUVD-2026-41443 HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-02 microsoft GHSA-f7gx-8wv8-8wm9
8.8
CVSS 3.1 · NVD
Temporal: 8.6
Share

Severity by source

Vendor (microsoft) PRIMARY
CRITICAL
qualitative
NVD
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
8.6 HIGH
cvss
vuln.today AI
8.8 HIGH

Network-reachable service requiring valid low-privilege authorization (PR:L) and no user interaction; SSRF-to-privilege-escalation yields total confidentiality, integrity, and availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

7
Analysis Updated
Jul 07, 2026 - 14:13 vuln.today
v3 (cvss_changed)
Analysis Updated
Jul 07, 2026 - 14:13 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jul 07, 2026 - 14:07 vuln.today
cvss_changed
Severity Changed
Jul 07, 2026 - 14:07 NVD
CRITICAL HIGH
CVSS changed
Jul 07, 2026 - 14:07 NVD
9.9 (CRITICAL) 8.8 (HIGH)
Analysis Generated
Jul 02, 2026 - 22:50 vuln.today
CVE Published
Jul 02, 2026 - 22:18 cve.org
CRITICAL 9.9

DescriptionNVD

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

AnalysisAI

Privilege elevation in Microsoft's Azure OpenAI service allows an authorized (low-privileged) attacker to abuse a server-side request forgery flaw (CWE-918) to force the service backend to issue attacker-controlled network requests, resulting in high confidentiality, integrity, and availability impact. The flaw carries CVSS 8.8 and requires only low privileges over the network with no user interaction, but currently shows no public exploit identified at time of analysis and a modest EPSS of 0.62%. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege Azure OpenAI access
Delivery
Submit crafted request with attacker URL
Exploit
Backend performs SSRF to internal endpoint
Execution
Harvest metadata credentials/tokens
Impact
Elevate privileges over network

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already possess valid low-privilege authorization to the Azure OpenAI service (CVSS PR:L - this is an 'authorized attacker' per the description), reachable over the network with no user interaction and low attack complexity. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who already holds low-privilege authorized access to an Azure OpenAI resource submits a crafted request causing the service backend to fetch an attacker-specified internal URL (for example a cloud metadata or internal control-plane endpoint). The backend response leaks credentials or tokens that the attacker uses to elevate privileges beyond their original scope. …
Remediation Patch available per vendor advisory: Microsoft reports a fix is available and, as Azure OpenAI is a hosted service, the remediation is applied server-side by Microsoft with no customer action required to receive the fix - review the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499 to confirm applicability. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Azure OpenAI deployments in use and review recent authentication logs for suspicious API activity or anomalous requests. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-45499 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy