Vulnerability Details CVE-2026-57100
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 46.5%
CVSS Severity
CVSS v3 Score 9.9
Products affected by CVE-2026-57100
-
cpe:2.3:a:microsoft:entra_provisioning_service:-