CVE-2026-23663
HIGH WAF: Low
CVSS 7.5
Published: 2026-05-22
CWE-269
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| microsoft | global_secure_access | - |
References
- msrc.microsoft.com (Vendor Advisory)