Microsoft Security Response Center

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.

**What privileges does an attacker require to exploit this vulnerability?** No special privileges are required to exploit this vulnerability. An attacker needs to have network connectivity to the replication appliance. **What can an attacker do with the exposed credentials?** An attacker can call Azure Site Recovery APIs provided by the Configuration Server and in turn get access to configuration data including credentials for the protected systems. Using the APIs, the attacker can also modify/delete configuration data which in turn will impact Site Recovery operation.

**According to the CVSS, User Interaction is Required. What interaction would the user have to do?** The user would have be enticed to open a malicious file in vscode. Users should never open anything that they do not know or trust to be safe.

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**Why is this Google LLC CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in the Brotli library which is consumed by .NET and by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of .NET and Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to the replication appliance, configuration server, or one of the VMs associated with the configuration server.