Masanin tsaro Wiz yayi kashedin game da lahani a cikin Sabis na App na Azure na Microsoft. Rashin lahani yana fallasa ɗaruruwan wuraren ajiyar lambar tushe. Microsoft tun daga lokacin ya daidaita ledar.
Wiz ya gano abin da ake kira rashin lafiyar NotLegit a cikin Sabis na App na Azure. Sabis ɗin, wanda kuma aka sani da Azure Web Apps, dandamali ne don ɗaukar gidajen yanar gizo da aikace-aikacen tushen yanar gizo. Ana iya loda lambar tushe da kayan tarihi zuwa Sabis na App na Azure ta amfani da kayan aikin Git na Gida. Masu amfani za su iya saita wurin ajiyar Git na gida tare da kwandon Sabis na App na Azure kuma su tura lambar kai tsaye zuwa uwar garken.
A cewar masu binciken, wannan shine daidai inda raunin ya ta'allaka. Lokacin amfani da Local Git don mirgine lambar zuwa Sabis na App na Azure, an saita ma'ajiyar git tare da adireshi mai isa ga jama'a wanda kowa zai iya shiga.
Harsunan lamba da yawa sun shafi
Musamman lambar tushe da aka rubuta a cikin PHP, Python, Ruby ko Node yana da rauni. Wannan wani bangare ne saboda waɗannan harsunan code galibi suna amfani da sabar yanar gizo kamar Apache, Nginx da Flask. Waɗannan sabar gidan yanar gizo ba za su iya ɗaukar fayilolin web.config ba. Wannan yana ba da damar jama'a zuwa wuraren ajiyar lambar tushe.
An san Microsoft
Kwararrun tsaro a Wiz sun riga sun sanar da Microsoft game da raunin a farkon Oktoba na wannan shekara. Microsoft ya rufe shi tun daga lokacin. A kowane hali, ƙwararrun sun bukaci masu amfani da su bincika ko an bayyana lambar tushe kuma su ɗauki mataki don aikace-aikacen su.