Closed fooinha closed 8 months ago
Could this be a candidate entry to this database?
This vulnerability is in the azure cli, but this command can, eventually be used in hosted machines.
Advisory contains ...
Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source.
For instance, az keyvault secret command line could be used by software releases build pipelines and powershell scripts.
az keyvault secret
This vulnerability would require the customer to update Azure cli to version >= 2.40.0
Yes, this is in scope - would you like to create a pull request with the details? (you can use this format)
Could this be a candidate entry to this database?
This vulnerability is in the azure cli, but this command can, eventually be used in hosted machines.
Advisory contains ...
For instance,
az keyvault secret
command line could be used by software releases build pipelines and powershell scripts.This vulnerability would require the customer to update Azure cli to version >= 2.40.0