High severity8.8NVD Advisory· Published Apr 14, 2026· Updated Apr 27, 2026
CVE-2026-32171
CVE-2026-32171
Description
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Affected products
2- cpe:2.3:a:microsoft:azure_logic_apps:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32171nvdVendor Advisory
News mentions
1- Patch Tuesday - April 2026Rapid7 Blog · Apr 14, 2026