Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.
AnalysisAI
Information disclosure in Azure SRE Agent can be exploited by remote unauthenticated attackers via improper authentication mechanisms. The vulnerability carries an 8.6 CVSS score with network attack vector requiring low complexity and no user interaction, enabling attackers to extract high-confidentiality data with scope change impact. No public exploit identified at time of analysis, though the authentication bypass nature and network accessibility present significant risk to Azure infrastructure components.
Technical ContextAI
Azure SRE (Site Reliability Engineering) Agent is a Microsoft Azure infrastructure component responsible for site reliability operations and monitoring. This vulnerability stems from CWE-287 (Improper Authentication), indicating flawed or missing authentication validation in the agent's network-accessible interfaces. The CVSS scope change (S:C) suggests the vulnerability allows attackers to impact resources beyond the vulnerable component's security scope, potentially accessing data or systems the agent interacts with. The authentication weakness likely exists in API endpoints, service interfaces, or inter-service communication channels where identity verification is inadequately enforced, allowing unauthorized network clients to bypass access controls and retrieve sensitive operational data, configuration details, or customer information handled by the SRE agent.
RemediationAI
Apply Microsoft's security updates for Azure SRE Agent as detailed in the official MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173. For Azure platform services, Microsoft typically deploys infrastructure patches automatically, but customers should verify patch status through Azure Service Health notifications and the Security Update Guide. Organizations running self-managed or hybrid Azure components should prioritize immediate patching following Microsoft's guidance. As an interim measure where patching cannot be immediately applied, restrict network access to Azure SRE Agent interfaces through network segmentation, firewall rules, or Azure Network Security Groups to limit exposure to trusted management networks only. Monitor authentication logs for anomalous access attempts to SRE Agent endpoints and implement enhanced logging for authentication events until patches are fully deployed.
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18558