VDB
CNVD-2026-12908
CNVD-2026-12908
PUBLISHED
CVSS 8.600000381469727 HIGH
Microsoft Azure Arc是美国微软(Microsoft)公司的一个存储系统。可将Azure平台扩展到您的环境中。 Microsoft Azure Arc存在访问控制错误漏洞,攻击者可利用该漏洞提升权限。
Risk Scores
CVSS v3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Azure ARC | - |
| microsoft | azure_arc | - |
Timeline
- Feb 5, 2026 CVE Published
- Feb 5, 2026 PoC Published
- Feb 10, 2026 PoC Published
- Feb 10, 2026 PoC Published
- Feb 13, 2026 PoC Published
- Feb 13, 2026 PoC Published
- Feb 13, 2026 PoC Published
- May 11, 2026 Security Advisory
References
- Azure Arc Elevation of Privilege Vulnerability vendor-advisory