CNNVD-202601-3927 Information

CNNVD ID

CNNVD-202601-3927

Related CVE

CVE-2026-21227

• CNNVD Published: 2026-01-22

Description (Chinese)

Microsoft Azure Logic Apps是美国Microsoft公司的一个低代码自动化平台。 Microsoft Azure Logic Apps存在路径遍历漏洞，该漏洞源于路径名对受限目录的限制不当。攻击者利用该漏洞可以通过网络提升权限。

Description (English)

Microsoft Azure Logic Apps is a low-code automated platform for Microsoft USA. Microsoft Azure Logic Apps has a loophole in its path, which stems from inappropriate restrictions on restricted directories by its path name. The attackers used the loophole to enhance their access through the Internet.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

微软

Published

2026-01-22

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21227

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21227