Skip to content

Hide Navigation Hide TOC

Azure MCP Server Missing Authentication for Critical Function (CVE-2026-32211) - ATR-2026-00435 (e06e06e0-3fd4-5914-a7b6-297d4cba602e)

Detects exploitation or configuration exposure of CVE-2026-32211 (CVSS 9.1 Microsoft / 7.5 NIST), missing authentication for critical function in Azure MCP Server allowing an unauthenticated attacker to disclose information over a network. Detects (a) MCP server config blocks pointing at Azure MCP endpoints without an auth / headers / token field, (b) raw MCP handshake responses from Azure MCP servers that expose tool listings without an Authorization challenge, and (c) skill/tool descriptions referencing the Azure MCP unauthenticated surface. CWE-306.

Cluster A Galaxy A Cluster B Galaxy B Level
AI Model Inference API Access (90a420d4-3f03-4800-86c0-223c4376804a) MITRE ATLAS Attack Pattern Azure MCP Server Missing Authentication for Critical Function (CVE-2026-32211) - ATR-2026-00435 (e06e06e0-3fd4-5914-a7b6-297d4cba602e) Agent Threat Rules 1
Exploit Public-Facing Application - T1190 (3f886f2a-874f-4333-b794-aa6075009b1c) Attack Pattern Azure MCP Server Missing Authentication for Critical Function (CVE-2026-32211) - ATR-2026-00435 (e06e06e0-3fd4-5914-a7b6-297d4cba602e) Agent Threat Rules 1
Exploit Public-Facing Application (47d73872-5336-44f7-81e3-d30bc7e039dd) MITRE ATLAS Attack Pattern Azure MCP Server Missing Authentication for Critical Function (CVE-2026-32211) - ATR-2026-00435 (e06e06e0-3fd4-5914-a7b6-297d4cba602e) Agent Threat Rules 1
Azure MCP Server Missing Authentication for Critical Function (CVE-2026-32211) - ATR-2026-00435 (e06e06e0-3fd4-5914-a7b6-297d4cba602e) Agent Threat Rules Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) Attack Pattern 1