Microsoft: >> Azure Functions Security Vulnerabilities
Azure Function Information Disclosure Vulnerability
CVSS Score
8.2
EPSS Score
0.001
Published
2026-02-05
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-04-30
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
8.2
EPSS Score
0.018
Published
2024-11-26
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.069
Published
2024-10-15
<p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p>
<p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p>
<p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p>
CVSS Score
5.3
EPSS Score
0.024
Published
2020-10-16