High
CVSS 7.5
Overview
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
CVE-2025-47988
Improper control of generation of code ('code injection') in Azure Monitor Agent...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.5 (HIGH)
- Detected tags: unauth_access (tag impact: HIGH)
Recommended actions:
- Enforce authentication/authorization; reduce default endpoint exposure.