{"vulnerability": "CVE-2022-39327", "sightings": [{"uuid": "9e971ca6-a9d1-4668-bdeb-751e62964766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39327", "type": "seen", "source": "https://t.me/ctinow/72150", "content": "Azure CLI Code Injection CVE-2022-39327 hits 9.8/10 CVSS score\n\nhttps://ift.tt/zr5Yyqe", "creation_timestamp": "2022-10-29T17:56:07.000000Z"}, {"uuid": "be645b00-a3d4-43d0-84c1-d92612cc869f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39327", "type": "seen", "source": "https://t.me/cibsecurity/52053", "content": "\u203c CVE-2022-39327 \u203c\n\nAzure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols. If any of these prerequisites are not met, this vulnerability is not applicable. Users should upgrade to version 2.40.0 or greater to receive a a mitigation for the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:51.000000Z"}]}