VDB
GCVE-110-CLOUD-2025-0049
GCVE-110-CLOUD-2025-0049
Advisory Published
A configuration change in Entra ID allowed unprivileged users to update their own User Principal Names (UPNs) through interfaces like the Entra admin center and PowerShell. This could lead to impersonation risks. Microsoft quickly fixed the issue after it was reported. The vulnerability affected synchronized hybrid environments as well.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Entra | — | — |
References
Browse GCVE Records
73,734 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.