CNNVD-202601-3926 Information

CNNVD ID

CNNVD-202601-3926

Related CVE

CVE-2026-24305

• CNNVD Published: 2026-01-22

Description (Chinese)

Microsoft Entra是美国Microsoft公司的一款身份与访问管理系统。 Microsoft Entra存在授权问题漏洞，该漏洞源于授权不当。攻击者利用该漏洞可以提升权限。

Description (English)

Microsoft Entra is an identity and access management system for Microsoft. Microsoft Entra had a mandate gap, which stemmed from inappropriate mandates. The attackers use this loophole to enhance their authority.

Hazard Level

Low

Vulnerability Type

授权问题

Affected Vendor

微软

Published

2026-01-22

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24305

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24305