本頁列出影響 microsoft azure_command-line_interface 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-24049 | Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | [email protected] | 8.4 | 0.09% | 2025-03-11 | 2025-07-02 |
| CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | [email protected] | 8.7 | 0.38% | 2024-10-08 | 2025-07-02 |
| CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | [email protected] | 8.6 | 0.40% | 2023-11-14 | 2025-07-02 |
| CVE-2022-39327 | Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols. If any of these | [email protected] | 8.1 | 1.38% | 2022-10-25 | 2024-11-21 |