Skip to main content

Azure Service Fabric

9 CVEs product

Monthly

CVE-2025-21195 MEDIUM PATCH This Month

Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.

Information Disclosure Azure Service Fabric
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2025-24403 Maven MEDIUM Monitor

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Jenkins Azure Service Fabric
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2025-24402 Maven MEDIUM Monitor

A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft CSRF Jenkins Azure Service Fabric
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2024-43480 MEDIUM PATCH This Month

Azure Service Fabric for Linux Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Heap Overflow Buffer Overflow RCE Microsoft Azure Service Fabric
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2023-36868 MEDIUM PATCH This Month

Azure Service Fabric on Windows Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Azure Service Fabric
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-23383 MEDIUM PATCH This Month

Service Fabric Explorer Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Azure Service Fabric
NVD
CVSS 3.1
4.7
EPSS
11.7%
CVE-2023-21531 HIGH This Week

Azure Service Fabric Container Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Authentication Bypass Azure Service Fabric
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2022-35829 MEDIUM PATCH This Month

Service Fabric Explorer Spoofing Vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Azure Service Fabric
NVD
CVSS 3.1
4.8
EPSS
19.8%
CVE-2021-27075 MEDIUM PATCH This Month

Azure Virtual Machine Information Disclosure Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Azure Container Instances Azure Container Registry Azure Kubernetes Service +2
NVD
CVSS 3.1
6.8
EPSS
1.3%
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.

Information Disclosure Azure Service Fabric
NVD
EPSS 1% CVSS 4.3
MEDIUM Monitor

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Jenkins +1
NVD
EPSS 1% CVSS 4.3
MEDIUM Monitor

A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft CSRF Jenkins +1
NVD
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

Azure Service Fabric for Linux Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Azure Service Fabric on Windows Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Azure Service Fabric
NVD
EPSS 12% CVSS 4.7
MEDIUM PATCH This Month

Service Fabric Explorer Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Azure Service Fabric
NVD
EPSS 1% CVSS 7.0
HIGH This Week

Azure Service Fabric Container Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Authentication Bypass Azure Service Fabric
NVD
EPSS 20% CVSS 4.8
MEDIUM PATCH This Month

Service Fabric Explorer Spoofing Vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Azure Service Fabric
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Azure Virtual Machine Information Disclosure Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Azure Container Instances +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy