VDB
GCVE-110-CLOUD-2024-0018
GCVE-110-CLOUD-2024-0018
Advisory Published
A vulnerability in Azure API Management allowed users with Reader access to escalate privileges to Contributor level by accessing admin user keys via the ARM API. This permitted full management capabilities through the Direct Management API, including reading secrets and modifying configurations.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | API Management | — | — |
| Azure | Cloud Services | — | — |
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.