Microsoft Azure Vulnerability Allowed Code Execution, Data Theft
Tracked as CVE-20220-29972, the security hole was identified in the third-party Open Database Connectivity (ODBC) data connector used in Integration Runtime (IR) in the affected Azure services to connect to Amazon Redshift. A remote attacker could have exploited the flaw to execute arbitrary commands across the IR infrastructure, impacting multiple tenants, the tech giant explains….