VDB
GCVE-110-CLOUD-2025-0022
GCVE-110-CLOUD-2025-0022
Advisory Published
A configuration change in Entra ID allowed unprivileged users to update their own User Principal Names (UPNs) through interfaces like the Entra admin center and PowerShell. This could lead to impersonation risks. Microsoft quickly fixed the issue after it was reported. The vulnerability affected synchronized hybrid environments as well.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Entra ID | — | — |
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.