Vulnerability Details CVE-2020-16904
<p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p>
<p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p>
<p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p>
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.6%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 7.5
References
Products affected by CVE-2020-16904
-
cpe:2.3:a:microsoft:azure_functions:-