{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23651", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-01-14T16:59:33.462Z", "datePublished": "2026-03-05T22:18:19.068Z", "dateUpdated": "2026-04-14T16:36:19.636Z"}, "containers": {"cna": {"title": "Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability", "datePublic": "2026-03-05T16:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:microsoft_aci_confidential_containers:*:*:*:*:*:*:*:*", "versionStartIncluding": "-"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft ACI Confidential Containers", "versions": [{"version": "-", "status": "affected"}]}], "descriptions": [{"value": "Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-625: Permissive Regular Expression", "lang": "en-US", "type": "CWE", "cweId": "CWE-625"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:36:19.636Z"}, "references": [{"name": "Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}], "tags": ["exclusively-hosted-service"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T18:20:33.834821Z", "id": "CVE-2026-23651", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T18:20:58.707Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-09T18:20:33.834821Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T18:20:53.648Z"}}], "cna": {"tags": ["exclusively-hosted-service"], "title": "Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft ACI Confidential Containers", "versions": [{"status": "affected", "version": "-"}]}], "datePublic": "2026-03-05T16:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651", "name": "Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-625", "description": "CWE-625: Permissive Regular Expression"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:microsoft_aci_confidential_containers:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "-"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:36:19.636Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23651", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:36:19.636Z", "dateReserved": "2026-01-14T16:59:33.462Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-03-05T22:18:19.068Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:aci_confidential_containers:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0672AA1-25ED-4836-A487-6DA0FC873C84", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "secure@microsoft.com", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally."}, {"lang": "es", "value": "Expresi\u00f3n regular permisiva en Azure Compute Gallery permite a un atacante autorizado elevar privilegios localmente."}], "id": "CVE-2026-23651", "lastModified": "2026-03-16T15:40:35.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-03-05T23:16:19.673", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-625"}], "source": "secure@microsoft.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Microsoft ACI Confidential Containers", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_aci_confidential_containers", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-15T15:11:27.340616+00:00", "value": {"mitigation_remediation": ["Apply any Microsoft security update for ACI Confidential Containers that addresses the regular expression flaw, as listed in the Microsoft Security Update Guide reference.", "Restrict roles and permissions for users and services that can create or modify gallery artifacts, ensuring they only have the minimum required rights.", "If an update is not yet available, disable or limit the use of the Azure Compute Gallery feature that enables the permissive regex until a fix can be applied."], "summary": {"action": "Apply Patch", "impact": "Elevation of Privilege"}, "threat_synthesis": {"affected_systems": "This issue affects Microsoft ACI Confidential Containers as distributed by Microsoft. No specific product version is provided in the advisory, so any deployment that includes this component remains potentially vulnerable until a patch is applied. System administrators should review the installed version against the Microsoft Security Update Guide linked in the advisory to confirm exposure.", "description_and_impact": "The vulnerability resides in a permissive regular expression used by Azure Compute Gallery, which can be exploited by an authorized attacker with local access to elevate privileges within the Microsoft ACI Confidential Containers environment. The flaw is classified under CWE\u2011625, allowing an attacker to execute privileged actions that were not intended for them. As a result, the attacker could potentially gain higher privileges, execute arbitrary code, or modify resources, compromising confidentiality, integrity, and availability of the container environment.", "risk_and_exploitability": "The CVSS base score is 6.7, indicating a medium severity risk, and the EPSS score is below 1\u202f%, suggesting a low probability of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog, so there is no confirmed active exploitation. Attachment is limited to users who have authorized access to Azure Compute Gallery, so the attack requires local or privileged context; the lack of remote attack vectors reduces overall risk, but the potential impact of privilege escalation warrants timely remediation."}}}}, "created": "2026-03-06T14:56:44.384783+00:00", "updated": "2026-04-15T17:00:07.049237+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$microsoft_aci_confidential_containers"]}