KLA61977
Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft On-Prem Data Gateway can be exploited remotely to bypass security restrictions.
2. An information disclosure vulnerability in Azure CLI REST Command can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Microsoft Host Integration Server 2020 can be exploited remotely to execute arbitrary code.

az staticwebapp appsettings delete
az staticwebapp appsettings set
Microsoft OLE DB Provider for DB2 V7
az logicapp config appsettings delete
az webapp config appsettings set
az functionapp config appsettings delete
az webapp config appsettings delete
Host Integration Server 2020
Azure Pipelines Agent
az logicapp config appsettings set
az functionapp config appsettings set
On-Prem Data Gateway

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

5032921