VDB

GCVE-110-CLOUD-2023-0044

GCVE-110-CLOUD-2023-0044
Advisory Published
Vulnetix · Advisory published March 30, 2023
Azure on-premises data gateway allows data transfer between an on-prem customer network and several Azure cloud services, and also enables a connected agent installed locally in an on-prem network to perform certain actions remotely. NetSPI discovered a deserialization issue in Microsoft Power Platform connectors that lead to RCE on several Azure backend servers that processed call backs from on-premises data gateways, effectively allowing unauthorized cross-tenant access.

Affected Products

VendorProductVersionsPlatforms
AzureOn-premises data gateway
AzureCloud Services

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›