Azure Cognitive Search (ACS) is a full-text search engine service.
A new non-default feature allowed for a network control to bypassed, permitting an attacker to submit search queries to any other tenant's network-isolated ACS instance. However, abusing this required a valid API key
to access the data plane of the target, along with a number of pieces of information about the target environment (such as the subscription ID and the name of the index to query).
No tracked CVEs