Microsoft Azure Monitor vulnerabilities
10 known vulnerabilities affecting microsoft/azure_monitor.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-62550HIGHCVSS 8.8≥ 1.0.0, < 1.35.92025-12-09
CVE-2025-62550 [HIGH] CWE-131 CVE-2025-62550: Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a netw
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-59504HIGHCVSS 7.3≥ 1.0.0, < v1.37.12025-11-11
CVE-2025-59504 [HIGH] CWE-122 CVE-2025-59504: Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code lo
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-59285HIGHCVSS 7.0≥ 1.0.0, < 1.36.32025-10-14
CVE-2025-59285 [HIGH] CWE-502 CVE-2025-59285: Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate pr
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-59494HIGHCVSS 7.8≥ 1.0.0, < 1.38.1.02025-10-14
CVE-2025-59494 [HIGH] CWE-284 CVE-2025-59494: Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges l
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-55321MEDIUMCVSS 5.4v-2025-10-09
CVE-2025-55321 [CRITICAL] CWE-79 CVE-2025-55321: Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monito
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network.
cvelistv5nvd
CVE-2025-47988HIGHCVSS 7.5≥ 1.0.0, < 1.35.12025-07-08
CVE-2025-47988 [HIGH] CWE-94 CVE-2025-47988: Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthori
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
cvelistv5nvd
CVE-2024-38097HIGHCVSS 7.1≥ 1.0.0, < 1.30.02024-10-08
CVE-2024-38097 [HIGH] CWE-59 CVE-2024-38097: Azure Monitor Agent Elevation of Privilege Vulnerability
Azure Monitor Agent Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-35254HIGHCVSS 7.1≥ 1.0.0, < 1.26.02024-06-11
CVE-2024-35254 [HIGH] CWE-59 CVE-2024-35254: Azure Monitor Agent Elevation of Privilege Vulnerability
Azure Monitor Agent Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-30060HIGHCVSS 7.8≥ 1.0.0, < 1.26.02024-05-16
CVE-2024-30060 [HIGH] CWE-59 CVE-2024-30060: Azure Monitor Agent Elevation of Privilege Vulnerability
Azure Monitor Agent Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-29989HIGHCVSS 8.4≥ 1.0.0, < 1.24.02024-04-09
CVE-2024-29989 [HIGH] CWE-59 CVE-2024-29989: Azure Monitor Agent Elevation of Privilege Vulnerability
Azure Monitor Agent Elevation of Privilege Vulnerability
cvelistv5nvd