A security researcher claims that Microsoft silently fixed a vulnerability in Azure Backup for AKS after rejecting his report and blocking him from obtaining a CVE.
The researcher's report describes a critical privilege escalation flaw that grants cluster admin access from the far less privileged "Backup Contributor" role.
Microsoft disputes this claim, telling BleepingComputer that the behavior was expected and that "no product changes have been made," even though the researcher has documented new permission checks and failed exploitation attempts since publication that suggest a silent patch.
CERT confirms it is a bug, but Microsoft blocks a CVE
Security researcher Justin O'Leary discovered the flaw in March of this year and reported it to Microsoft on March 17th.
The Microsoft Security Response Center (MSRC) rejected the report on April 13, claiming that the issue only involved gaining cluster admin on clusters where "the attacker already held administrative access," a characterization that O'Leary says completely misrepresents the attack.
"That is factually incorrect," the researcher said.
"This vulnerability allows a user without Kubernetes privileges to gain cluster admin. The attack does not require pre-existing cluster access; access is granted."
O'Leary also said that Microsoft described his submission to MITRE as "AI-generated content," which he said did not address the technical merits of the report.
After the rejection, O'Leary escalated the issue to the CERT Coordination Center (CERT/CC), which independently verified the vulnerability on April 16 and assigned it the identifier VU#284781, according to the researcher.

(Justin O’Leary)
CERT/CC initially scheduled public disclosure for June 1, 2026, but that disclosure never materialized.
On May 4th, Microsoft staff reportedly contacted MITRE to argue against the CVE assignment, reiterating that the issue required existing administrative access.

(Justin O’Leary)
CERT/CC subsequently resolved the case under the CNA hierarchy rules, effectively leaving Microsoft (the CNA for its own products) with final authority over CVE issuance for them.
How the attack works
Azure Backup for AKS uses Trusted Access to grant cluster admin privileges to the backup extension in Kubernetes clusters.
According to O'Leary, the flaw allowed a user holding only the Backup Contributor role on a backup vault to trigger that Trusted Access relationship without having any Kubernetes permissions.
An attacker could enable backup on the target AKS cluster, causing Azure to automatically configure Trusted Access with cluster admin privileges. From there, the attacker could extract secrets or restore malicious workloads to the cluster through backup operations.
O'Leary classified this issue as a confused deputy (unintended proxy) vulnerability, CWE-441. In this class of vulnerability, the Azure RBAC and Kubernetes RBAC trust boundaries interact in a way that bypasses the expected authorization controls.
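The exposure described above is a question of which principals hold Backup Contributor on a vault that in turn has a Trusted Access binding into a cluster. The following audit helper is an added example, not code from the article, from O'Leary, or from Microsoft: it correlates the two views a defender can already export with the Azure CLI (`az role assignment list --all` and, per cluster, `az aks trustedaccess rolebinding list`). The field names (`roleDefinitionName`, `scope`, `principalName`, `roles`, `sourceResourceId`) follow that CLI output as the author understands it, the backup-operator role name is assumed, and every record below is constructed sample data.

```python
"""Audit helper (added example; not from the article, O'Leary, or Microsoft).

Flags principals whose "Backup Contributor" assignment covers a Backup vault
that holds a backup-operator Trusted Access binding into an AKS cluster.
Such principals effectively hold cluster-level power through the vault,
which is the trust-boundary crossing the article describes.
Field names follow Azure CLI JSON output as understood by the author; all
identifiers below are constructed sample data, not real tenants.
"""
import json

BACKUP_VAULT_PROVIDER = "microsoft.dataprotection/backupvaults"
# Assumed role name used by AKS backup Trusted Access bindings.
BACKUP_OPERATOR_ROLE = "microsoft.dataprotection/backupvaults/backup-operator"
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed

# Constructed sample in the shape of `az role assignment list --all`.
ROLE_ASSIGNMENTS = json.loads(f"""[
  {{"principalName": "alice@example.com", "principalType": "User",
    "roleDefinitionName": "Backup Contributor",
    "scope": "{SUB}/resourceGroups/rg-backup/providers/Microsoft.DataProtection/backupVaults/vault-prod"}},
  {{"principalName": "bob@example.com", "principalType": "User",
    "roleDefinitionName": "Reader",
    "scope": "{SUB}/resourceGroups/rg-backup/providers/Microsoft.DataProtection/backupVaults/vault-prod"}},
  {{"principalName": "ci-sp", "principalType": "ServicePrincipal",
    "roleDefinitionName": "Backup Contributor",
    "scope": "{SUB}/resourceGroups/rg-app"}},
  {{"principalName": "carol@example.com", "principalType": "User",
    "roleDefinitionName": "Backup Contributor",
    "scope": "{SUB}"}}
]""")

# Constructed sample in the shape of `az aks trustedaccess rolebinding list`
# for one cluster; the "cluster" key is added here because the CLI is
# invoked per cluster and an inventory must record which one it came from.
TRUSTED_ACCESS_BINDINGS = json.loads(f"""[
  {{"name": "backup-binding", "cluster": "aks-prod",
    "roles": ["Microsoft.DataProtection/backupVaults/backup-operator"],
    "sourceResourceId": "{SUB}/resourceGroups/rg-backup/providers/Microsoft.DataProtection/backupVaults/vault-prod"}}
]""")


def vaults_with_cluster_trusted_access(bindings):
    """Map vault resource ID -> clusters whose Trusted Access binding grants it backup-operator."""
    vaults = {}
    for b in bindings:
        roles = {r.lower() for r in b.get("roles", [])}
        if BACKUP_OPERATOR_ROLE in roles:
            vault = b["sourceResourceId"].lower().rstrip("/")
            vaults.setdefault(vault, set()).add(b.get("cluster", "?"))
    return vaults


def scope_covers(assignment_scope, resource_id):
    """Azure RBAC inherits downward: a subscription or resource-group scope
    covers every vault beneath it, so prefix matching is required."""
    s = assignment_scope.lower().rstrip("/")
    return resource_id == s or resource_id.startswith(s + "/")


def effective_backup_contributors(assignments, bindings):
    """Principals whose Backup Contributor assignment reaches a vault that has
    Trusted Access into a cluster. Returns one finding per (principal, vault)."""
    trusted = vaults_with_cluster_trusted_access(bindings)
    findings = []
    for a in assignments:
        if a.get("roleDefinitionName") != "Backup Contributor":
            continue
        for vault, clusters in trusted.items():
            if scope_covers(a["scope"], vault):
                findings.append({
                    "principal": a["principalName"],
                    "vault": vault,
                    "clusters": sorted(clusters),
                    # Direct vault-scoped grants and inherited ones are both
                    # reported; the latter are easy to miss in a portal review.
                    "inherited": BACKUP_VAULT_PROVIDER not in a["scope"].lower(),
                })
    return findings


if __name__ == "__main__":
    for f in effective_backup_contributors(ROLE_ASSIGNMENTS, TRUSTED_ACCESS_BINDINGS):
        print(f)
```

Run against real exports, the two JSON inputs replace the constructed samples; the output is the list of principals whose vault-level role is worth reviewing against the exposure window the researcher describes. The `inherited` flag is there because a Backup Contributor grant at subscription or resource-group scope reaches every vault under it without ever appearing on the vault's own access control blade.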
Microsoft says nothing has changed, but the behavior says otherwise
BleepingComputer reached out to Microsoft to ask whether the tech giant considers this finding a valid security vulnerability.
A Microsoft spokesperson told BleepingComputer:
"Our assessment concluded that this is not a security vulnerability, but rather expected behavior that requires existing administrative privileges within the customer's environment. Therefore, no product changes have been made to address this report, and no CVE or CVSS scores have been issued."
However, after the report was published this month, O'Leary realized that the original attack vector no longer worked.
"The current behavior returns an error that did not exist in March 2026," he said.
Error: UserErrorTrustedAccessGatewayReturnedForbidden
"Trusted Access role binding is missing/deleted"
According to O'Leary, Azure Backup for AKS now requires Trusted Access to be configured manually before backups can be enabled, reversing the previous behavior in which Azure configured it automatically.
Additional permission checks were also observed that were not made during the first test in March: container MSIs now require Read permissions on both the AKS cluster and snapshot resource groups, while AKS cluster MSIs now require Contributor permissions on the snapshot resource group.
So, although the vulnerability appears to have been fixed, Microsoft has not issued a public advisory or notified customers.
Visibility issues for defenders
Without a CVE and an advisory, defenders have little visibility into exposure windows and remediation timelines.
"Organizations that granted Backup Contributor between an unknown start date and May 2026 were susceptible to privilege escalation," the researcher wrote.
"Without a CVE, security teams cannot track this risk. Silent patching protects the vendor, not the customer."
This incident highlights a structural problem that cannot be easily resolved.
Disputes between security researchers and large vendors over severity, exploitability, and disclosure have become common in recent years, particularly as vulnerability disclosure programs face an increase in the volume of reports.
Some open source maintainers have publicly complained that AI-assisted reporting is overwhelming bug bounty and security triage systems, making it difficult for legitimate findings to receive timely attention. It is also not uncommon for large technology companies to disregard effective flaw fixes despite repeated contact from multiple researchers.
Without a framework that realigns incentives for all parties, responsible disclosure risks becoming a bureaucratic exercise that serves no one, least of all the organizations left exposed.