{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32173", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-03-10T23:09:43.266Z", "datePublished": "2026-04-02T23:27:00.374Z", "dateUpdated": "2026-05-12T17:39:53.212Z"}, "containers": {"cna": {"title": "Azure SRE Agent Information Disclosure Vulnerability", "datePublic": "2026-04-02T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:azure_sre_agent_gateway_signalR_hub:*:*:*:*:*:*:*:*", "versionStartIncluding": "-"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Azure SRE Agent Gateway - SignalR Hub", "versions": [{"version": "-", "status": "affected"}]}], "descriptions": [{"value": "Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-287: Improper Authentication", "lang": "en-US", "type": "CWE", "cweId": "CWE-287"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:39:53.212Z"}, "references": [{"name": "Azure SRE Agent Information Disclosure Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C"}}], "tags": ["exclusively-hosted-service"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32173", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T13:43:51.736869Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T13:56:03.727Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32173", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T13:43:51.736869Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T13:48:30.813Z"}}], "cna": {"tags": ["exclusively-hosted-service"], "title": "Azure SRE Agent Information Disclosure Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Azure SRE Agent Gateway - SignalR Hub", "versions": [{"status": "affected", "version": "-"}]}], "datePublic": "2026-04-02T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173", "name": "Azure SRE Agent Information Disclosure Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_sre_agent_gateway_signalR_hub:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "-"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:39:53.212Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32173", "state": "PUBLISHED", "dateUpdated": "2026-05-12T17:39:53.212Z", "dateReserved": "2026-03-10T23:09:43.266Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-02T23:27:00.374Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_sre_agent:-:*:*:*:*:*:*:*", "matchCriteriaId": "EEFCFD8A-8DE7-48B8-AB92-8387A736DB35", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "secure@microsoft.com", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network."}], "id": "CVE-2026-32173", "lastModified": "2026-04-06T18:04:41.617", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "secure@microsoft.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-03T00:16:04.547", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "secure@microsoft.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Azure SRE Agent Gateway - SignalR Hub", "source": "cna", "vendor": "Microsoft"}, "product": "azure_sre_agent_gateway", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-07T02:24:56.609347+00:00", "value": {"mitigation_remediation": ["Download and install the Microsoft security update for CVE\u20112026\u201132173 from the Microsoft Security Response Center update guide.", "Verify that all Azure SRE Agent Gateway \u2013 SignalR Hub instances have been patched to the latest version.", "Implement network segmentation or firewall rules to limit access to the SignalR hub to trusted networks only.", "Enable monitoring and logging on the SRE Agent to detect unauthorized authentication attempts."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Microsoft Azure SRE Agent Gateway \u2013 SignalR Hub. Version details are not publicly disclosed in the CVE description, so apply the latest available release for all deployed instances.", "description_and_impact": "Azure SRE Agent Gateway - SignalR Hub suffers from improper authentication that allows an unauthorized attacker to read sensitive data over the network. The flaw falls under authentication failures, as denoted by CWE\u2011287 and improper request authentication, CWE\u2011863. A successful exploitation would expose confidential information, potentially compromising the integrity of the system and revealing internal state details.", "risk_and_exploitability": "The CVSS base score of 8.6 classifies the issue as High severity. However, the EPSS score of less than 1\u202f% indicates a low likelihood of exploitation at present, and the vulnerability is not cataloged in the CISA KEV list. It is inferred that the attack vector is remote network access to the SignalR hub endpoints, requiring no special privileges or additional malware."}}}}, "created": "2026-04-03T07:31:17.570499+00:00", "updated": "2026-04-07T07:55:17.176875+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$azure_sre_agent_gateway"]}