Purview

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-21385 HIGH This Week

Microsoft Purview contains a server-side request forgery vulnerability that allows an authorized attacker to access internal network resources and disclose sensitive information. The SSRF enables reading internal service responses, accessing cloud metadata endpoints, and potentially pivoting to internal infrastructure.

Microsoft SSRF Purview

NVD

CVSS 3.1

8.8

EPSS

48.3%

CVE-2025-21385

EPSS 48% CVSS 8.8

HIGH This Week

Microsoft Purview contains a server-side request forgery vulnerability that allows an authorized attacker to access internal network resources and disclose sensitive information. The SSRF enables reading internal service responses, accessing cloud metadata endpoints, and potentially pivoting to internal infrastructure.

Microsoft SSRF Purview

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy