<< Back
CVE Number Vulnerability Product Severity Date
CVE-2023-36052 Azure CLI REST Command Information Disclosure Vulnerability Azure CLI Critical 03-01-2024

Technical Information

An Information Disclosure vulnerability in Azure CLI where commands could be used to leak sensitive data and output to Continuous Integration and Continuous Deployment(CI/CD) logs.

Further information on this vulnerability is available at : CVE-2023-36052

Affected Software

az staticwebapp appsettings set,
az functionapp config appsettings set,
az staticwebapp appsettings delete,
az functionapp config appsettings delete,
az webapp config appsettings delete,
az webapp config appsettings set,
az logicapp config appsettings delete,
az logicapp config appsettings set