VDB
GCVE-110-CLOUD-2022-0008
GCVE-110-CLOUD-2022-0008
Advisory Published
Azure CLI contained a code injection vulnerability that could be exploited in
a scenario where the host runs a command where parameter values have been provided
by an external untrusted source - these could be specially crafted in such a way
as to exploit the vulnerability, leading to remote code execution on the host.
The vulnerability is only applicable when the Azure CLI command is run on a Windows
machine and with any version of PowerShell and when the parameter value contains
the `&` or `|` symbols.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Azure CLI | — | — |
| Azure | Cloud Services | — | — |
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.