Skip to main content

Azure Automation

4 CVEs product

Monthly

CVE-2025-29827 CRITICAL This Week

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Azure Automation
NVD
CVSS 3.1
9.9
EPSS
1.1%
CVE-2024-21330 HIGH This Week

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Azure Automation Azure Automation Update Management Azure Security Center +5
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-42306 HIGH PATCH This Week

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Microsoft Information Disclosure Azure Active Directory Azure Active Site Recovery Azure Automation +1
NVD
CVSS 3.1
8.1
EPSS
3.1%
CVE-2019-0962 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Azure Automation
NVD
CVSS 3.0
4.9
EPSS
4.3%
EPSS 1% CVSS 9.9
CRITICAL This Week

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Azure Automation
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Azure Automation +7
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Microsoft Information Disclosure Azure Active Directory +3
NVD
EPSS 4% CVSS 4.9
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Azure Automation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy