本ページは microsoft azure_command-line_interface に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-24049 | Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | [email protected] | 8.4 | 0.40% | 2025-03-11 | 2025-07-02 |
| CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | [email protected] | 8.7 | 1.61% | 2024-10-08 | 2025-07-02 |
| CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | [email protected] | 8.6 | 21.54% | 2023-11-14 | 2025-07-02 |
| CVE-2022-39327 | Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols. If any of these | [email protected] | 8.1 | 3.21% | 2022-10-25 | 2024-11-21 |