Description
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Published: 2026-04-14
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

Insufficiently protected credentials in Azure Logic Apps enable an attacker who already holds legitimate access to gain elevated privileges across a network. This weakness stems from improper handling of authentication tokens, allowing users to bypass boundaries and execute actions beyond their intended scope. The vulnerability is defined as CWE‑522, highlighting that credentials are not adequately safeguarded.

Affected Systems

Microsoft Azure Logic Apps is the sole affected product. No specific version details are provided, so all deployments should be reviewed for this weakness until a patch is available.

Risk and Exploitability

The CVSS base score of 8.8 indicates a high severity, and while the EPSS is not disclosed, the lack of inclusion in the KEV table suggests no publicly known exploits at this time. The attack class appears to be authenticated, requiring the attacker to possess some authorized credentials before attempting elevation. Consequently, internal actors or attackers who compromise user accounts could exploit this flaw to expand their permissions.

Generated by OpenCVE AI on April 14, 2026 at 19:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official Azure Logic Apps update as detailed on the Microsoft Security Response Center advisory.
  • Immediately review and reduce the scope of credentials used within Logic Apps. Apply least‑privilege principles to any service accounts or API keys.
  • Configure and enforce strong, time‑limited authentication tokens for Logic App connectors.
  • Enable monitoring for anomalous privilege changes or unexpected elevated actions within the Azure portal.
  • If an update is not yet available, isolate the affected Logic Apps from sensitive resources and audit credential usage until a patch is released.

Generated by OpenCVE AI on April 14, 2026 at 19:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:microsoft:azure_logic_apps:-:*:*:*:*:*:*:*

Wed, 15 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 14 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Title Azure Logic Apps Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft azure Logic Apps
Weaknesses CWE-522
CPEs cpe:2.3:a:microsoft:azure_logic_apps:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft azure Logic Apps
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Azure Logic Apps
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-30T14:42:23.526Z

Reserved: 2026-03-10T23:09:43.266Z

Link: CVE-2026-32171

cve-icon Vulnrichment

Updated: 2026-04-14T19:11:30.908Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-14T18:17:19.843

Modified: 2026-04-27T19:58:07.660

Link: CVE-2026-32171

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T14:45:03Z

Weaknesses