Azure Logic Apps Credentials Exposed to Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Azure Logic Apps Credentials Exposed to Unauthorized Access

CVE-2026-32171

Summary

An attacker with authorized access to Azure Logic Apps can gain elevated network privileges by exploiting insufficiently protected credentials. This could allow them to access sensitive data or take control of the system. Azure Logic Apps users should review and update their authentication settings to prevent this risk.

Original title

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Original description

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

nvd CVSS3.1 8.8

Vulnerability type

CWE-522 Insufficiently Protected Credentials

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32171

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026