Description
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
Published: 2026-05-07
Score: 8.1 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Microsoft disclosed a server‑side request forgery flaw in the Azure Monitor Action Group Notification Service. The vulnerability (CWE‑918) permits an authenticated actor with control over notifications to send crafted internal requests. The flaw can be used to bypass network boundaries, elevate privileges, and potentially access sensitive resources. Based on the description, it is inferred that the attacker can reach internal endpoints that are not exposed externally. The CVSS score of 8.1 indicates high severity risk.

Affected Systems

Microsoft Azure Monitor Action Group Notification System is affected. All releases are vulnerable until a vendor‑supplied update addresses the SSRF flaw; specific version details have not been disclosed publicly.

Risk and Exploitability

Any authenticated user that has permission to create or modify Action Group notifications can exploit the SSRF. The EPSS score is not available, but the high CVSS score of 8.1 combined with the lack of a KEV listing suggests significant risk. The likely attack vector is through the notification service’s request handling endpoint, where a malicious actor crafts internal requests that the service does not validate. Based on the description, it is inferred that the attacker’s privilege level after exploitation would be higher than the original authenticated account, enabling further lateral movement.

Generated by OpenCVE AI on May 7, 2026 at 22:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑supplied update for Azure Monitor Action Group Notification System as documented in Microsoft’s advisory.
  • Restrict the permissions on accounts that can create or modify Action Group notifications to the minimum required.
  • Implement network segmentation or firewall rules to prevent the notification service from reaching sensitive internal endpoints, in addition to monitoring for anomalous outbound traffic.

Generated by OpenCVE AI on May 7, 2026 at 22:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 21:30:00 +0000

Type Values Removed Values Added
Description Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
Title Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft azure Monitor Action Group Notification System
Weaknesses CWE-918
CPEs cpe:2.3:a:microsoft:azure_monitor_action_group_notification_system:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft azure Monitor Action Group Notification System
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Azure Monitor Action Group Notification System
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-07T20:58:47.705Z

Reserved: 2026-04-16T19:12:36.195Z

Link: CVE-2026-41105

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-07T22:16:35.183

Modified: 2026-05-07T22:16:35.183

Link: CVE-2026-41105

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T23:00:09Z

Weaknesses