CVE-2022-2690715.04.2022, 19:15Azure SDK for .NET Information Disclosure VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.3 MEDIUMNETWORKHIGHLOWCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NmicrosoftCNA5.3 MEDIUMCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:CCISA-ADPADP------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 64%VendorProductVersionmicrosoftazure_sdk_for_.net-𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26907https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26907