CVE-2025-21384

An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:azure_health_bot:-:*:*:*:*:*:*:*

History

08 Jul 2025, 17:15

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:azure_health_bot:-:*:*:*:*:*:*:*
CWE CWE-918
First Time Microsoft
Microsoft azure Health Bot
Summary
  • (es) Un atacante autenticado puede explotar una vulnerabilidad de Server-Side Request Forgery (SSRF) en Microsoft Azure Health Bot para elevar privilegios en una red.
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21384 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21384 - Vendor Advisory

01 Apr 2025, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-01 01:15

Updated : 2025-07-08 17:15


NVD link : CVE-2025-21384

Mitre link : CVE-2025-21384

CVE.ORG link : CVE-2025-21384


JSON object : View

Products Affected

microsoft

  • azure_health_bot
CWE
CWE-693

Protection Mechanism Failure

CWE-918

Server-Side Request Forgery (SSRF)