#Security Vulnerability

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server. **What data can be exposed by this vulnerability?** This vulnerability allows disclosure of accounts and user table data, including encrypted credentials.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server. **What data can be exposed by this vulnerability?** This vulnerability allows disclosure of accounts and user table data, including encrypted credentials.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** No special privileges are required to exploit this vulnerability. An attacker needs to have network connectivity to the replication appliance. **What can an attacker do with the exposed credentials?** An attacker can call Azure Site Recovery APIs provided by the Configuration Server and in turn get access to configuration data including credentials for the protected systems. Using the APIs, the attacker can also modify/delete configuration data which in turn will impact Site Recovery operation.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**Are the updates for the Microsoft Office for Mac currently available?** The security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.