cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49052,https://securityvulnerability.io/vulnerability/CVE-2024-49052,Unauthorized Access to Elevated Privileges in Azure PolicyWatch,"An elevation of privilege vulnerability exists in Microsoft Azure PolicyWatch due to insufficient authentication for a critical function. This issue enables an unauthorized attacker to gain elevated privileges across a network, potentially compromising sensitive data and resources. Immediate action is recommended to safeguard systems and maintain the integrity of Azure services.",Microsoft,Microsoft Azure Functions,8.2,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-11-26T20:15:00.000Z,0
CVE-2024-38204,https://securityvulnerability.io/vulnerability/CVE-2024-38204,Imagine Cup site Information Disclosure Vulnerability,"An improper access control vulnerability in Imagine Cup enables an authorized attacker to elevate their privileges across a network. This flaw could potentially allow a malicious actor to gain elevated permissions, providing them with unauthorized access to sensitive functionalities within the application. Organizations using Imagine Cup are advised to review their security practices and apply necessary patches as recommended by Microsoft.",Microsoft,Microsoft Azure Functions,7.5,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-10-15T23:15:00.000Z,0
CVE-2023-36052,https://securityvulnerability.io/vulnerability/CVE-2023-36052,Azure CLI REST Command Information Disclosure Vulnerability,"An information disclosure vulnerability exists in Microsoft Azure CLI, allowing unauthorized access to sensitive data through its REST commands. This vulnerability can expose critical information, potentially impacting the security and confidentiality of systems utilizing Azure services. Users are advised to update their Azure CLI to mitigate the risks associated with this issue.",Microsoft,"Azure App Service,Azure Function App,Azure Logic App",8.6,HIGH,0.0030799999367445707,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2020-16904,https://securityvulnerability.io/vulnerability/CVE-2020-16904,Azure Functions Elevation of Privilege Vulnerability,"<p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p>
<p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p>
<p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p>
",Microsoft,Azure Functions,5.3,MEDIUM,0.01054999977350235,false,,false,false,false,,,false,false,,2020-10-16T23:15:00.000Z,0