CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-35431

CVSS 10.0v3.1pub. 2026-04-23upd. 2026-04-28

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

🤖 AI Analysis
How it works

An attacker without any authentication, acting remotely over the network, can cause the server to send HTTP requests on their behalf to any network resources — both internal and external. The SSRF mechanism in Microsoft Entra ID Entitlement Management does not require user interaction or any permissions, meaning full exposure to external attack. The vulnerability has a changed scope (Scope: Changed), indicating that the impact may extend beyond the directly attacked component.

Impact

An attacker can conduct identity or network request spoofing, potentially gaining access to internal infrastructure resources, configuration data, or other services not directly accessible from outside. Complete CVSS assessments indicate the possibility of high-level breaches of confidentiality, integrity, and availability.

Mitigation & patch

Apply patches available from the manufacturer according to the references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35431. Since the service is managed by Microsoft (cloud), updates may be deployed automatically on the provider's side — it is recommended to verify the patch status in the Microsoft Security Response Center.

Who is affected

Microsoft Entra ID (Entitlement Management module) — specific versions indicated in the manufacturer's references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Microsoft Entra Id

    APP
    Microsoft
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
SSRF
CWE
References

Related vulnerabilities

CVE-2026-33843CRITICAL9.1PL ✓ten sam produkt

Obejście uwierzytelnienia w Microsoft Azure Active Directory B2C

CVE-2026-42901CRITICAL10.0PL ✓ten sam produkt

Błąd walidacji źródła w Microsoft Entra ID umożliwia privilege escalation

CVE-2026-40379CRITICAL9.3PL ✓ten sam produkt

Ujawnienie wrażliwych danych w Azure Entra ID umożliwiające spoofing

CVE-2026-24305CRITICAL9.3PL ✓ten sam produkt

Microsoft Entra ID — Elevation of Privilege (nieautoryzowane podwyższenie uprawnień)

CVE-2025-59246CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w Microsoft Azure Entra ID (CVE-2025-59246)