Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.
The vulnerability is an SSRF class error (CWE-918), in which a server application — in this case Azure Cloud Shell — can be induced to perform network requests on behalf of an attacker without his authentication. A remote attacker, without any user interaction and without possessing an account, sends crafted requests that are processed by the server on the Azure infrastructure side. The attack vector is network, complexity is low, and the scope of impact extends beyond the original component (Scope: Changed), which means the ability to impact other resources in the cloud environment.
Successful exploitation of the vulnerability may allow an attacker to escalate privileges in the Azure environment, and given the CVSS values indicating full impact on confidentiality, integrity and availability — potentially complete takeover of resources available from Azure Cloud Shell.
Apply patches available from the vendor according to the references — detailed information is available in Microsoft Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32169. As a supplementary measure, it is recommended to restrict access to Azure Cloud Shell only to trusted and authenticated users and to monitor outbound traffic from cloud services.
Microsoft Azure Cloud Shell — versions indicated in the vendor's references
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMicrosoft Azure Cloud Shell
APPMicrosoftwszystkie wersje
Related vulnerabilities
Command injection w Microsoft Azure Cloud Shell umożliwiający spoofing
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server
RCE w Windows Server Update Service (WSUS) — deserializacja danych
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty