A server-side request forgery flaw in Microsoft's Azure OpenAI service lets an authorized attacker escalate privileges over the network, earning a near-maximum CVSS score of 9.9.
What Is It
CVE-2026-45499 is a server-side request forgery (SSRF) vulnerability in Azure OpenAI, tracked under CWE-918. According to Microsoft, the flaw "allows an authorized attacker to elevate privileges over a network." It carries a CVSS 3.1 base score of 9.9 (CRITICAL), with the vector AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. The combination of network attack vector, low complexity, only low privileges required, and no user interaction makes this an unusually accessible high-impact bug. The scope is marked Changed, meaning exploitation can affect resources beyond the initially compromised component.
Why It Matters
The impact ratings are uniformly high across confidentiality, integrity, and availability. An attacker who already holds low-level authorized access can leverage the SSRF to reach further into the service and elevate their privileges, a serious concern for a cloud AI platform that many organizations rely on for sensitive workloads. The 9.9 score sits just below the maximum, driven by the changed scope and full CIA impact. As of this writing, CISA's Known Exploited Vulnerabilities catalog does not list an entry for this CVE, so there is no confirmation of active exploitation in the wild.
What's Vulnerable
- Vendor: Microsoft
- Product: Azure OpenAI (all versions; listed as affected with version "-")
Microsoft tags this CVE as an "exclusively-hosted-service" vulnerability, indicating it affects the cloud-hosted service rather than customer-installed software.
Patch Status
The NVD record currently shows a vulnStatus of "Received," and it was published on 2026-07-02. Because Azure OpenAI is an exclusively hosted service, remediation is handled on Microsoft's side rather than requiring customer patching. The supplied source material does not specify a discrete required action or deadline. Administrators should consult Microsoft's MSRC update guide for the authoritative remediation status.
Sources
- MSRC Update Guide, CVE-2026-45499: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499
- NVD, CVE-2026-45499