France: Multiple Vulnerabilities Detected in Microsoft Azure

The Computer Emergency Response Team of France (CERT-FR) has issued an advisory regarding multiple vulnerabilities discovered in Microsoft Azure. These vulnerabilities could potentially lead to remote arbitrary code execution and privilege escalation.

The affected systems and products include:

  • Azure DevOps Server 2019.0.1
  • Azure DevOps Server 2019.1.2
  • Azure DevOps Server 2020.0.2
  • Azure DevOps Server 2020.1.2
  • Azure DevOps Server 2022.0.1
  • Azure HDInsights
  • Azure Kubernetes Service

These vulnerabilities pose significant risks, as they could allow attackers to execute arbitrary code remotely and gain elevated privileges.

Solution: Users and organizations are strongly advised to refer to the security bulletin provided by Microsoft for obtaining the necessary patches and updates. Detailed information about each vulnerability and mitigation measures can be found in the documentation linked below.


Taking prompt action to apply these patches is crucial to ensure the security and stability of Microsoft Azure environments.