Wtm

**Name of the Vulnerable Software and Affected Versions** Azure Managed Instance for Apache Cassandra (affected versions not specified) **Description** The issue is related to improper access control in the Azure Managed Instance for Apache Cassandra, which can allow an authenticated attacker to elevate privileges over a network. This can lead to unauthorized access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure Virtual Machine versions (affected versions not specified) Azure Container Instance versions (affected versions not specified) Azure Service Fabric versions (affected versions not specified) Azure Kubernetes Service versions (affected versions not specified) Azure Container Registry versions (affected versions not specified) Azure Spring Cloud versions (affected versions not specified) **Description** The issue is related to a lack of protection for service data, which can be exploited by a remote attacker to gain unauthorized access to protected information. This can lead to information disclosure. There is also a mention of a Linux Azure VM Plugin System vulnerability that can lead to privilege escalation. **Recommendations** For Azure Virtual Machine, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Azure Container Instance, consider restricting access to sensitive data until a patch is available. For Azure Service Fabric, as a temporary workaround, consider disabling any vulnerable plugins or modules until a fix is released. For Azure Kubernetes Service, restrict access to the vulnerable API endpoints until the issue is resolved. For Azure Container Registry, avoid using sensitive parameters in the affected API endpoints until the issue is fixed. For Azure Spring Cloud, at the moment, there is no information about a newer version that contains a fix for this vulnerability.