CVE-2026-32211

Microsoft · Azure MCP Server

A missing authentication vulnerability in Azure MCP Server allows unauthenticated attackers to disclose sensitive information over a network.

Executive summary

Critical functions in Azure MCP Server are accessible without authentication, allowing remote attackers to perform unauthorized information disclosure.

Vulnerability

This vulnerability involves a failure to enforce authentication for a critical function within the Azure MCP Server. An unauthenticated attacker can exploit this over a network to access sensitive data that should be protected by security credentials.

Business impact

The unauthorized disclosure of information from the MCP Server could provide attackers with the technical details needed to launch further, more complex attacks against the environment. With a CVSS score of 9.1, this flaw poses a high risk to data confidentiality and can lead to the exposure of proprietary system configurations or user data.

Remediation

Immediate Action: Update the Azure MCP Server to the latest version to ensure that authentication is properly enforced across all critical functions.

Proactive Monitoring: Review server access logs for requests to management or data functions that lack associated authentication tokens or session IDs.

Compensating Controls: Place the MCP Server behind a VPN or a Zero Trust Network Access (ZTNA) gateway to ensure that only verified users can reach the network interface.
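The log review described under Proactive Monitoring can be scripted. The following is an added example, not Microsoft's or Azure MCP Server's own code. It assumes a JSON-lines access log such as a reverse proxy in front of the server might write; the field names (`path`, `status`, `auth_scheme`, `session_id`, `src`) and the path prefixes are hypothetical, and the sample lines are constructed.

```python
import json
from collections import Counter

# Assumed log schema (not Azure MCP Server's own format): one JSON object per
# line, recording the auth scheme and session ID but never the token itself.
# Hypothetical prefixes for management/data functions; replace with your own.
SENSITIVE_PREFIXES = ("/mcp", "/admin")

# Constructed sample lines (documentation-range IPs), not real telemetry.
SAMPLE_LOG = """\
{"ts":"2026-01-10T08:00:01Z","src":"198.51.100.7","method":"POST","path":"/mcp","status":200,"auth_scheme":"Bearer","session_id":"s-1"}
{"ts":"2026-01-10T08:00:05Z","src":"203.0.113.9","method":"POST","path":"/mcp","status":200,"auth_scheme":"","session_id":""}
{"ts":"2026-01-10T08:00:06Z","src":"203.0.113.9","method":"GET","path":"/admin/config","status":200}
{"ts":"2026-01-10T08:00:07Z","src":"203.0.113.9","method":"POST","path":"/mcp","status":401,"auth_scheme":"","session_id":""}
{"ts":"2026-01-10T08:00:09Z","src":"198.51.100.7","method":"GET","path":"/healthz","status":200}
not-json garbage line
"""

def is_sensitive(path):
    # Match the prefix itself or a sub-path, so "/mcpfoo" does not match "/mcp".
    return any(path == p or path.startswith(p + "/") for p in SENSITIVE_PREFIXES)

def find_unauthenticated(log_text):
    """Return (findings, unparsed_count). A finding is a request to a sensitive
    path answered with 2xx while the log shows no auth scheme and no session ID."""
    findings, unparsed = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            path, status = str(rec["path"]), int(rec["status"])
        except (ValueError, KeyError, TypeError):
            unparsed += 1  # count rather than silently drop: gaps hide activity
            continue
        has_cred = bool(rec.get("auth_scheme")) or bool(rec.get("session_id"))
        if is_sensitive(path) and 200 <= status < 300 and not has_cred:
            findings.append(rec)
    return findings, unparsed

def by_source(findings):
    # Per-source counts help decide which clients to investigate first.
    return Counter(rec.get("src", "unknown") for rec in findings)

if __name__ == "__main__":
    hits, bad = find_unauthenticated(SAMPLE_LOG)
    for rec in hits:
        print(rec["ts"], rec.get("src"), rec.get("method"), rec["path"], rec["status"])
    print("by source:", dict(by_source(hits)), "| unparsed lines:", bad)
```

Requests rejected with 401 are excluded on purpose: a successful response without credentials is the signal that authentication was not enforced.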

Exploitation status

Public Exploit Available: No

Analyst recommendation

Immediate patching is required to prevent unauthorized data access. Security teams should verify that the update correctly applies authentication requirements to all exposed endpoints and consider additional network-level access controls to protect the server.