Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
References
| Link | Resource |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57100 | Vendor Advisory |
Configurations
History
08 Jul 2026, 18:34
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57100 - Vendor Advisory | |
| CPE | cpe:2.3:a:microsoft:entra_provisioning_service:-:*:*:*:*:*:*:* | |
| First Time |
Microsoft
Microsoft entra Provisioning Service |
02 Jul 2026, 23:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-02 23:16
Updated : 2026-07-08 18:34
NVD link : CVE-2026-57100
Mitre link : CVE-2026-57100
CVE.ORG link : CVE-2026-57100
JSON object : View
Products Affected
microsoft
- entra_provisioning_service
CWE
CWE-918
Server-Side Request Forgery (SSRF)
