Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
What do customers do to protect themselves from the vulnerability? Customers will be notified via Azure Service Health notification if they are impacted by this vulnerability. These alerts will include specific mitigation guidance and required actions for affected Azure Logic Apps resources. Customers who have received an Azure Service Health notification for this issue can reference** Tracking ID:** 1P8-C0G in the Azure portal to review the applicable guidance and required remediation steps. The Security Updates table for this CVE will be updated as additional information becomes available. Additionally, customers who have subscribed to the Security Update Guide will be notified when this CVE is revised to reflect updated guidance or mitigation details. If you wish to be notified when updates are released, we recommend registering for security notifications to stay informed of content changes.
<a href="https://www.linkedin.com/in/rajeshchada/">Rajesh Chada</a> with Microsoft