{"uuid": "ca73cbc4-5eee-4a8d-91de-2ba5693585a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42830", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0142", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse Azure componenten. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker, zich verhoogde rechten toe te kennen, willekeurige code uit te voeren en mogelijk daarmee toegang te krijgen tot gevoelige gegevens.\n\nDe kwetsbaarheden met kenmerk CVE-2026-40379, CVE-2026-32207, CVE-2026-33109, CVE-2026-33844, CVE-2026-34327, CVE-2026-35428, CVE-2026-35435 en CVE-2026-41105 zijn reeds centraal verholpen door Microsoft en slechts opgenomen ter informatie. Voor deze kwetsbaarheden zijn geen acties benodigd.\n\n```\nAzure Machine Learning: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32207 | 8.80 | Voordoen als andere gebruiker       | \n| CVE-2026-33833 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Monitor Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32204 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-42830 | 6.50 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Partner Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34327 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Connected Machine Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40381 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure SDK: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33117 | 9.10 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nMicrosoft SSO Plugin for Jira & Confluence: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41103 | 9.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Notification Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41105 | 8.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Logic Apps: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42823 | 9.90 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Entra ID: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40379 | 9.30 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41086 | 8.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure AI Foundry M365 published agents: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35435 | 8.60 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Cloud Shell: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35428 | 9.60 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Managed Instance for Apache Cassandra: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33109 | 9.90 | Uitvoeren van willekeurige code     | \n| CVE-2026-33844 | 9.00 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-05-12T15:53:04.000000Z"}