CVE-2025-21415 :: Enginsight Vulnerability Database

Severity

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Atk. Vector

NETWORK

Atk. Complexity

LOW

Priv. Required

LOW

Base Score

CVSS 3.x

EPSS Score

Percentile: 41%

Vendor	Product	Version
microsoft	azure_ai_face_service	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-290 - Authentication Bypass by Spoofing
This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415