VDB

GCVE-110-CLOUD-2024-0018

GCVE-110-CLOUD-2024-0018
Advisory Published
Vulnetix · Advisory published September 13, 2024
A vulnerability in Azure API Management allowed users with Reader access to escalate privileges to Contributor level by accessing admin user keys via the ARM API. This permitted full management capabilities through the Direct Management API, including reading secrets and modifying configurations.

Affected Products

VendorProductVersionsPlatforms
AzureAPI Management
AzureCloud Services

Browse GCVE Records

72,409 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›