VDB
GCVE-110-CLOUD-2024-0029
GCVE-110-CLOUD-2024-0029
Advisory Published
Certain API endpoints on ml.azure.com and ai.azure.com used for adding/viewing data connections
could be leveraged for server side request forgeries (SSRF). While they do have protections to
restrict making requests to internal hosts, it was possible to circumvent those protections
using a 301 or 302 redirect response which points to a sensitive host.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Azure Machine Learning | — | — |
| Azure | Machine Learning | — | — |
| Azure | Cloud Services | — | — |
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.