Description
Azure blob storage is Microsoft's persistent Cloud data storage. A blob can be any type of text or binary data, such as a document, media file, or application installer. By default, a container and any blobs within it may be accessed only by the owner of the storage account. If you want to give anonymous users read permissions to a container and its blobs, you can set the container permissions to allow public access. Anonymous users can read blobs within a publicly accessible container without authenticating the request.
This web application is using a Full public read access Azure blob storage resource. This is not recommended, as a public blob storage resource will list all of its files and directories to an any user that asks.
Remediation
Make sure all the Azure blob storage resources you are using are marked as "Public read access for blobs only" or "No public read access".
References
Related Vulnerabilities
WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure (4.24)
WordPress Plugin Theme Blvd Widget Areas Multiple Security Bypass Vulnerabilities (1.2.2)
Oracle JavaServer Faces multiple vulnerabilities
WordPress Plugin YITH Custom Thank You Page for Woocommerce Security Bypass (1.1.6)
WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2)