VDB
GCVE-110-CLOUD-2022-0032
GCVE-110-CLOUD-2022-0032
Advisory Published
Azure Synapse Analytics and Azure Data Factory were vulnerable to cross-tenant access and code execution.
This was made possible via a combination of (1) a shell injection RCE vulnerability in the integration runtime,
(2) credentials for multiple customers stored on a shared host and (3) an insecure management server API.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Synapse Analytics, Data Factory | — | — |
| Azure | Synapse | — | — |
| Azure | Data Factory | — | — |
Aliases
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.