CNNVD-202508-1176 Information
CNNVD ID
CNNVD-202508-1176
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Microsoft Azure是美国微软(Microsoft)公司的一套开放的企业级云计算平台。 Microsoft Azure Virtual Machines存在访问控制错误漏洞。攻击者利用该漏洞执行欺骗攻击。以下产品和版本受到影响:DCasv5-series Azure VM,DCadsv5-series Azure VM,ECasv5-series Azure VM,ECadsv5-series Azure VM,DCesv5-series - Azure VM,DCedsv5-series Azure VM,ECesv5-series Azure VM,ECedsv5-series Azure VM,NCCadsH100v5-series Azure VM,DCesv6-series Azure VM,Ecesv6-series Azure VM。
Description (English)
Microsoft Azure is an open-ended enterprise cloud computing platform for Microsoft (MSC) in the United States. There was a bug in access control in Microsoft Azure Virtual Machines. The attackers used the loophole to carry out the deceptive attack. The following products and versions have been affected: DCAsv5-series Appure VM, DCAsv5-series Appure VM, ECAsv5-series VM, DCSv5-series - Azure VM, DCDedsv5-series VM, ECSv5-series Appure VM, ECedsv5-serrees Appure VM, NCCAsH 100v5-serves Appure VM, DCSv6-services VM, Ecesv6-series Appure VM.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
微软
Published
2025-08-12
Last Modified
2026-02-24
References
https://nvd.nist.gov/vuln/detail/CVE-2025-49707 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707
Share on: