Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Source: https://msrc-blog.microsoft.com/2022/07/18/mitigation-for-azure-storage-sdk-client-side-encryption-padding-oracle-vulnerability/

Summary: Google informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a padding oracle vulnerability that may affect customers using Azure Storage SDK (for Python, .NET, Java) client-side encryption (CVE-2022-30187). To mitigate this vulnerability, we released a new General Availability (GA) version of the Azure Storage SDK client-side encryption feature (v2) on July 12, 2022. Microsoft …

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability Read More »

Sourced from post