{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32171", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-03-10T23:09:43.266Z", "datePublished": "2026-04-14T16:58:31.359Z", "dateUpdated": "2026-05-12T17:39:30.773Z"}, "containers": {"cna": {"title": "Azure Logic Apps Elevation of Privilege Vulnerability", "datePublic": "2026-04-14T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:azure_logic_apps:*:*:*:*:*:*:*:*", "versionStartIncluding": "-"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Azure Logic Apps", "versions": [{"version": "-", "status": "affected"}]}], "descriptions": [{"value": "Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-522: Insufficiently Protected Credentials", "lang": "en-US", "type": "CWE", "cweId": "CWE-522"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:39:30.773Z"}, "references": [{"name": "Azure Logic Apps Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32171"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-32171"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T03:56:40.226Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32171", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T19:11:29.908589Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:11:30.908Z"}}], "cna": {"title": "Azure Logic Apps Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Azure Logic Apps", "versions": [{"status": "affected", "version": "-"}]}], "datePublic": "2026-04-14T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32171", "name": "Azure Logic Apps Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-522", "description": "CWE-522: Insufficiently Protected Credentials"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_logic_apps:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "-"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:39:30.773Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32171", "state": "PUBLISHED", "dateUpdated": "2026-05-12T17:39:30.773Z", "dateReserved": "2026-03-10T23:09:43.266Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-14T16:58:31.359Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_logic_apps:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6568E5D-75D4-4A94-BFBF-3FA619F9FDD4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network."}], "id": "CVE-2026-32171", "lastModified": "2026-04-27T19:58:07.660", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-04-14T18:17:19.843", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32171"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Azure Logic Apps", "source": "cna", "vendor": "Microsoft"}, "product": "azure_logic_apps", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-14T19:45:48.100987+00:00", "value": {"mitigation_remediation": ["Apply the official Azure Logic Apps update as detailed on the Microsoft Security Response Center advisory.", "Immediately review and reduce the scope of credentials used within Logic Apps. Apply least\u2011privilege principles to any service accounts or API keys.", "Configure and enforce strong, time\u2011limited authentication tokens for Logic App connectors.", "Enable monitoring for anomalous privilege changes or unexpected elevated actions within the Azure portal.", "If an update is not yet available, isolate the affected Logic Apps from sensitive resources and audit credential usage until a patch is released."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Microsoft Azure Logic Apps is the sole affected product. No specific version details are provided, so all deployments should be reviewed for this weakness until a patch is available.", "description_and_impact": "Insufficiently protected credentials in Azure Logic Apps enable an attacker who already holds legitimate access to gain elevated privileges across a network. This weakness stems from improper handling of authentication tokens, allowing users to bypass boundaries and execute actions beyond their intended scope. The vulnerability is defined as CWE\u2011522, highlighting that credentials are not adequately safeguarded.", "risk_and_exploitability": "The CVSS base score of 8.8 indicates a high severity, and while the EPSS is not disclosed, the lack of inclusion in the KEV table suggests no publicly known exploits at this time. The attack class appears to be authenticated, requiring the attacker to possess some authorized credentials before attempting elevation. Consequently, internal actors or attackers who compromise user accounts could exploit this flaw to expand their permissions."}}}}, "created": "2026-04-15T14:31:56.917219+00:00", "updated": "2026-04-15T14:45:03.389786+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$azure_logic_apps"]}