MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2025-21195

CVSS 6.0v3.1pub. 2025-07-08upd. 2025-07-22

Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H
  • Microsoft Azure Service Fabric

    APP
    Microsoft
    10.1< 10.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-23383HIGH8.2ten sam produkt

Service Fabric Explorer Spoofing Vulnerability

CVE-2023-21531HIGH7.0ten sam produkt

Azure Service Fabric Container Elevation of Privilege Vulnerability

CVE-2024-43480MEDIUM6.6ten sam produkt

Azure Service Fabric for Linux Remote Code Execution Vulnerability

CVE-2023-36868MEDIUM6.5ten sam produkt

Azure Service Fabric on Windows Information Disclosure Vulnerability

CVE-2022-35829MEDIUM6.2ten sam produkt

Service Fabric Explorer Spoofing Vulnerability