This page lists publicly disclosed CVE vulnerabilities affecting microsoft azure_command-line_interface (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-24049 | Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | [email protected] | 8.4 | 0.09% | 2025-03-11 | 2025-07-02 |
| CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | [email protected] | 8.7 | 0.38% | 2024-10-08 | 2025-07-02 |
| CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | [email protected] | 8.6 | 0.40% | 2023-11-14 | 2025-07-02 |
| CVE-2022-39327 | Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols. If any of these | [email protected] | 8.1 | 1.38% | 2022-10-25 | 2024-11-21 |