VDB

GCVE-110-CLOUD-2022-0008

GCVE-110-CLOUD-2022-0008
Advisory Published
Vulnetix · Advisory published October 25, 2022
Azure CLI contained a code injection vulnerability that could be exploited in a scenario where the host runs a command where parameter values have been provided by an external untrusted source - these could be specially crafted in such a way as to exploit the vulnerability, leading to remote code execution on the host. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols.

Affected Products

VendorProductVersionsPlatforms
AzureAzure CLI
AzureCloud Services

References

advisory
advisory
advisory
advisory

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›