{"data":{"id":"2275f11c-6481-41ab-9571-31aa7ba043e1","title":"CVE-2023-23382: Azure Machine Learning Compute Instance Information Disclosure Vulnerability","summary":"CVE-2023-23382 is a vulnerability in Azure Machine Learning Compute Instance that allows unauthorized access to sensitive information. The vulnerability is related to storing passwords in a recoverable format (CWE-257, meaning passwords are saved in a way that can be converted back to their original form), making it easier for attackers to steal credentials.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2023-23382","publishedAt":"2023-02-14T20:15:17.217Z","cveId":"CVE-2023-23382","cweIds":["CWE-257"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft Azure Machine Learning"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.01654,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}