CVE-2025-55321

Опубликовано: 09 окт. 2025

Источник: nvd

CVSS3: 9.3

CVSS3: 5.4

EPSS Низкий

Описание

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network.

Ссылки

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55321
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:azure_monitor:-:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00047

Низкий

9.3 Critical

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-55321

msrc

28 дней назад

Azure Monitor Log Analytics Spoofing Vulnerability

GHSA-96rv-gm93-8wx5

CVSS3: 8.7

github

27 дней назад

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an authorized attacker to perform spoofing over a network.

EPSS

Процентиль: 14%

0.00047

Низкий

9.3 Critical

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79