CVE-2022-24518: Azure Site Recovery Elevation of Privilege Vulnerability

What privileges does an attacker require to exploit this vulnerability?

Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

What data can be exposed by this vulnerability?

This vulnerability allows disclosure of accounts and user table data, including encrypted credentials.