A critical vulnerability in Microsoft's Azure Automation service could have permitted unauthorized access to other Azure customer accounts.
By exploiting the bug, the attacker could get full control over resources and data belonging to the targeted account, depending on the permissions assigned by the customer.
Several companies including a telecommunications company, two car manufacturers, a banking conglomerate, and big four accounting firms, among others, the Israeli cloud infrastructure security company were targeted by exploiting this vulnerability.
However, the issue was identified and was remediated in a patch pushed in December 2021.
Source: https://thehackernews.com/2022/03/microsoft-azure-autowarp-bug-could-have.html
"id": "MIC134612522",
"linkid": "microsoft-cloud-platform",
"type": "Vulnerability",
"date": "12/2021",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"