CVE-2011-1068

Name of the Vulnerable Software and Affected Versions Microsoft Windows Azure Software Development Kit (SDK) versions 1.3.x before 1.3.20121.1237

Description The issue is related to the improper support of cookies for maintaining state in ASP.NET applications when used with Full IIS and a Web Role. This allows remote attackers to obtain potentially sensitive information by reading an encrypted cookie and performing other steps.

Recommendations For Microsoft Windows Azure Software Development Kit (SDK) versions 1.3.x before 1.3.20121.1237, update to version 1.3.20121.1237 or later to resolve the issue.