Tag

#Azure

CVE-2022-44699: Azure Network Watcher Agent Security Feature Bypass Vulnerability

**What is Network Watcher?** Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network. Network Watcher is designed to monitor and repair the network health of IaaS (Infrastructure-as-a-Service) products including Virtual Machines (VM), Virtual Networks, Application Gateways, Load balancers, etc. For more details, please refer to: https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

Microsoft Security Response Center
CVE-2022-39327: GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI

**Why is this GitHub CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Azure CLI, which is published on GitHub and for which GitHub is the CVE Naming Authority (CNA). It is being documented in the Security Update Guide to inform customers using azure-cli that they need to apply the updated version. Please see "Security Update Guide Supports CVEs Assigned by Industry Partners" for more information.

CVE-2022-41085: Azure CycleCloud Elevation of Privilege Vulnerability

**Upon successful exploitation, what privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

CVE-2022-38017: StorSimple 8000 Series Elevation of Privilege Vulnerability

**Where can I find more information about StorSimple 8000 Series?** StorSimple 8000 series is a hybrid cloud storage solution. Please see StorSimple 8000 series for more information.

CVE-2021-42306: Azure Active Directory Information Disclosure Vulnerability

**Where can I find more information?** Please see the MSRC Blog here.

**What Microsoft services are known to be affected by this vulnerability?**

| Product/Service | Microsoft's Mitigation | Customer impact assessment and remediation |
|---|---|---|
| Azure Automation uses the Application and Service Principal keyCredential APIs when Automation Run-As Accounts are created. | Azure Automation deployed an update to the service to prevent private keys data in clear text from being uploaded to Azure AD applications. Run-As accounts created or renewed after 10/15/2021 are not impacted and do not require further action. | Automation Run As accounts created with an Azure Automation self-signed certificate between 10/15/2020 and 10/15/2021 that have not been renewed are impacted. Separately customers who bring their own certificates could be affected. This is regardless of the renewal date of the certificate. To identify and remediate impacted Azure AD applications associated with impacted Automation Run-As accou... |

CVE-2021-41373: FSLogix Information Disclosure Vulnerability

**What data can be disclosed by this vulnerability?** This vulnerability allows disclosing user data redirected to the profile or Office container via FSLogix Cloud cache. This data can include user profile settings and files.