Service Fabric
by Microsoft
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-0902 | Cri | 0.64 | 9.8 | 0.03 | Mar 12, 2020 | An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. | ||
| CVE-2023-21531 | Hig | 0.46 | 7.0 | 0.01 | Jan 10, 2023 | Azure Service Fabric Container Elevation of Privilege Vulnerability | ||
| CVE-2022-30137 | Med | 0.44 | 6.7 | 0.01 | Jun 15, 2022 | Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and… | ||
| CVE-2025-21195 | Med | 0.39 | 6.0 | 0.00 | Jul 8, 2025 | Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally. |
- risk 0.64cvss 9.8epss 0.03
An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'.
- risk 0.46cvss 7.0epss 0.01
Azure Service Fabric Container Elevation of Privilege Vulnerability
- risk 0.44cvss 6.7epss 0.01
Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and…
- risk 0.39cvss 6.0epss 0.00
Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.