CVE-2025-53767
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-07
Last updated on: 2025-08-14
Assigner: Microsoft Corporation
Description
Description
Azure OpenAI Elevation of Privilege Vulnerability
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | azure_openai | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an elevation of privilege issue in Azure OpenAI, meaning an attacker could gain higher-level permissions than intended, potentially allowing them to fully compromise the affected system.
How can this vulnerability impact me? :
The vulnerability can have a severe impact by allowing attackers to gain complete control over the affected Azure OpenAI environment, leading to full confidentiality and integrity compromise, though availability is not affected.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70