Vamsi Nukavarapu

**Name of the Vulnerable Software and Affected Versions** Azure Entra ID (affected versions not specified) **Description** Improper privilege management allows an unauthorized attacker to elevate privileges over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Azure Web Apps (affected versions not specified) Description An issue exists in Azure MCP Server where missing authentication for a critical function allows an unauthorized attacker to disclose information over a network. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure Data Factory (affected versions not specified) **Description** An issue exists in Azure Data Factory that allows an unauthorized attacker to disclose sensitive information over a network. The exposure of this information could potentially lead to further compromise. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.