COOEY // HUBcompliance · community · intelligence

FedRAMP catalog › Azure Government (includes Dynamics 365)

Azure Government (includes Dynamics 365)

Microsoft · package F1603087869

Current status
Authorized · High impact · since 2026-07-07
Service model
IaaS, PaaS, SaaS
Marketplace
Rev5 · source: marketplace
Security posture
8 critical 17 high 17 on KEV · 28 correlated CVEs

CMMC domains addressed which 800-171 families this product helps satisfy

SC · System and Communications Protection IA · Identification and Authentication CM · Configuration Management MP · Media Protection

Status timeline SCD2 history — the thing a spreadsheet can't answer

StatusImpactFromTo
Authorized High 2026-07-07 current

Authorizations

AgencyTypeDate
JAB AuthorizationJAB2020-04-17

Exposed CVEs correlated to this product

SeverityCVETitlePublished
medium CVE-2026-57211 CVE-2026-57211: RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windo 2026-07-10
high CVE-2026-13020 CVE-2026-13020: A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal 2026-07-07
medium CVE-2026-9182 CVE-2026-9182: ArcGIS Server contains an unrestricted file upload vulnerability. An unauthentic 2026-07-06
high CVE-2026-57983 CVE-2026-57983: Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized 2026-07-03
medium CVE-2026-26145 CVE-2026-26145: Improper access control in Azure Synapse allows an authorized attacker to elevat 2026-07-02
critical CVE-2026-41106 CVE-2026-41106: Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un 2026-07-02
high CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability 2026-07-01
critical CVE-2026-13775 CVE-2026-13775: Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote a 2026-06-30
critical CVE-2026-13776 CVE-2026-13776: Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote 2026-06-30
critical CVE-2026-13780 CVE-2026-13780: Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 15 2026-06-30
critical CVE-2026-13781 CVE-2026-13781: Insufficient validation of untrusted input in Skia in Google Chrome prior to 150 2026-06-30
critical CVE-2026-13782 CVE-2026-13782: Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remo 2026-06-30
high CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability 2026-05-20
high CVE-2009-1537 Microsoft DirectX NULL Byte Overwrite Vulnerability 2026-05-20
high CVE-2010-0249 Microsoft Internet Explorer Use-After-Free Vulnerability 2026-05-20
high CVE-2010-0806 Microsoft Internet Explorer Use-After-Free Vulnerability 2026-05-20
high CVE-2026-41091 Microsoft Defender Link Following Vulnerability 2026-05-20
high CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability 2026-05-20
high CVE-2026-42897 Microsoft Exchange Server Cross-Site Scripting Vulnerability 2026-05-15
high CVE-2026-32202 Microsoft Windows Protection Mechanism Failure Vulnerability 2026-04-28
critical CVE-2026-33825 Microsoft Defender Insufficient Granularity of Access Control Vulnerability 2026-04-22
high CVE-2009-0238 Microsoft Office Remote Code Execution 2026-04-14
high CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability 2026-04-14
high CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability 2026-04-13
critical CVE-2023-21529 Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability 2026-04-13
high CVE-2023-36424 Microsoft Windows Out-of-Bounds Read Vulnerability 2026-04-13
high CVE-2025-60710 Microsoft Windows Link Following Vulnerability 2026-04-13
high CVE-2026-20963 Microsoft SharePoint Deserialization of Untrusted Data Vulnerability 2026-03-18