What is CBC padding in the storage SDK?

Azure Storage .NET, Java, and Python SDKs use cipher block chaining (CBC mode) for client-side encryption. This client-side encryption is used by a very small set of customers, who encrypt their data on the client with a customer-managed key that is maintained in Azure Key Vault or another key store before uploading to Azure Storage.

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could decrypt data on the client side and disclose the content of the file or blob.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

<a href="https://twitter.com/schmiegsophie">Sophie Schmieg</a> with <a href="https://google.com/">Google</a>