Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to elevate privileges over a network.

A server-side request forgery (SSRF) vulnerability has been identified in Azure Custom Locations Resource Provider (RP). The vulnerability allows an authorized attacker to elevate privileges over a network. This affects Microsoft Azure's Custom Locations service, which is part of Azure's resource management infrastructure. The vulnerability requires the attacker to already have authorized access, but enables privilege escalation within the network environment. Given the cloud infrastructure nature and privilege escalation capability, this represents a significant security concern for Azure environments.