{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21532", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-12-30T18:10:54.847Z", "datePublished": "2026-02-05T22:13:24.102Z", "dateUpdated": "2026-05-11T21:25:26.964Z"}, "containers": {"cna": {"title": "Azure Function Information Disclosure Vulnerability", "datePublic": "2026-02-05T16:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:azure_functions:*:*:*:*:*:*:*:*", "versionStartIncluding": "-"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Azure Functions", "versions": [{"version": "-", "status": "affected"}]}], "descriptions": [{"value": "Azure Function Information Disclosure Vulnerability", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en-US", "type": "CWE", "cweId": "CWE-200"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-11T21:25:26.964Z"}, "references": [{"name": "Azure Function Information Disclosure Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21532"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C"}}], "tags": ["exclusively-hosted-service"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T19:30:33.016970Z", "id": "CVE-2026-21532", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T19:30:41.931Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21532", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T19:30:33.016970Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T19:30:37.694Z"}}], "cna": {"tags": ["exclusively-hosted-service"], "title": "Azure Function Information Disclosure Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Azure Functions", "versions": [{"status": "affected", "version": "-"}]}], "datePublic": "2026-02-05T16:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21532", "name": "Azure Function Information Disclosure Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Azure Function Information Disclosure Vulnerability"}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_functions:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "-"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-11T18:10:07.537Z"}}}, "cveMetadata": {"cveId": "CVE-2026-21532", "state": "PUBLISHED", "dateUpdated": "2026-05-11T18:10:07.537Z", "dateReserved": "2025-12-30T18:10:54.847Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-02-05T22:13:24.102Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_functions:-:*:*:*:*:*:*:*", "matchCriteriaId": "55C8D12F-35AE-4DEF-B47C-D686B0F11B0B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "secure@microsoft.com", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "Azure Function Information Disclosure Vulnerability"}], "id": "CVE-2026-21532", "lastModified": "2026-02-12T19:01:06.173", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-02-05T23:15:54.317", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21532"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-15T18:48:28.760520+00:00", "value": {"mitigation_remediation": ["Check the Microsoft update guide and apply any available fix for this CVE as soon as it is released.", "Enable authentication on function apps, such as Azure Active Directory or function app authentication, to restrict who can invoke the endpoints.", "Restrict network access by configuring function app firewall rules or IP restrictions so that only trusted networks can reach the functions.", "Monitor function app logs for any unusual access patterns that could indicate exploitation attempts."], "summary": {"action": "Assess Impact", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "Microsoft Azure Functions is the product affected. No specific versions are listed, so all current Azure Functions deployments may be vulnerable until Microsoft releases a fix.", "description_and_impact": "The vulnerability is a type of information disclosure (CWE-200) in Microsoft Azure Functions. A flaw permits remote actors to access sensitive data that should remain confidential, potentially exposing configuration details, secrets, or other private information. The impact is a breach of confidentiality for affected deployments.", "risk_and_exploitability": "The CVSS score of 8.2 places the issue in the high severity range, while the EPSS score of less than 1% indicates a very low probability of public exploitation at this time. It is not listed in the CISA KEV catalog, which suggests no widespread known exploitation. Based on the description, it is inferred that the likely attack vector involves accessing publicly accessible Azure Function endpoints or management APIs. Until a vendor patch is available, the risk remains significant for any environment that stores or processes confidential data within Azure Functions."}}}}, "created": "2026-04-15T19:00:12.271661+00:00", "updated": "2026-04-15T19:00:12.271674+00:00", "vendors": []}