CVE Catalog

CVE-2026-55726

MediumCVSS 5.3
Published: Translated: NVD NIST

Summary

The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.

Risk Assessment

The risk involves exposure of sensitive data from device logs, which could allow an attacker to gain insights into system operations, potentially leading to further security breaches.

Recommendation

Immediately configure proper authentication and access controls for the Azure Blob Storage container to prevent anonymous access to device logs.

Original NVD description (English source)

The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS