CRITICALVulnerability
Verified
Global
NVD CRITICAL: CVE-2026-57100 — Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (Sync...
·Source: NIST NVD
Updated:
Executive Summary
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Analysis
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network. CVSS Score: 9.9. Published: 2026-07-02T23:16:51.267.