A security vulnerability has been discovered in Request Management for Windows Azure Pack.
- Service Manager 2012
The vulnerability exists in v1.5.7918 and earlier for SCSM 2012.
- Service Manager 2016 and later
The vulnerability exists in v2.0.7905 and earlier for SCSM 2016 and later.
- Service Manager 2016 upgrade to upgrade to v2.0.7912 or later.
- Service Manager 2012 upgrade to v1.5.7919 or later.
More details will be published as soon as an update has been released and our customers have had a chance to update their installations.
Information will also be disclosed here: CVE - CVE-2021-40371 (mitre.org)