Microsoft: >> Azure Functions Security Vulnerabilities
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-04-30
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
8.2
EPSS Score
0.034
Published
2024-11-26
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.043
Published
2024-10-15
<p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p>
<p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p>
<p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p>
CVSS Score
5.3
EPSS Score
0.028
Published
2020-10-16