CVE Catalog
CVE-2026-57100
CriticalCVSS 9.9Summary
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Risk Assessment
An attacker could exploit this vulnerability to send requests to internal network resources, potentially leading to unauthorized access to sensitive data or systems.
Recommendation
Apply security updates provided by Microsoft for Microsoft Entra Provisioning Service (SyncFabric) immediately.
Original NVD description (English source)
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

