Weak Authentication Vulnerability in Azure Machine Learning by Microsoft
CVE-2025-47995

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Azure Machine Learning
Vendor: CVE Published:; 18 July 2025

What is CVE-2025-47995?

A vulnerability in Azure Machine Learning allows authorized attackers to exploit weak authentication mechanisms. This flaw enables attackers to elevate their privileges within the network, potentially granting unauthorized access to sensitive data and system controls. Organizations using Azure Machine Learning should assess their security practices and implement stronger authentication measures to mitigate the risk associated with this vulnerability.

Affected Version(s)

Azure Machine Learning Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2025
Vulnerability Reserved
May 14, 2025