An issue in Azure Cloud Shell could have allowed an attacker to take over
an Azure App Service domain and leverage it to inject and execute
commands in other tenants' terminals if they navigated to the domain while
logged into their account. Using this method, an attacker could query the
Azure IMDS on other tenants' behalf and thereby obtain their access tokens.