Provide greater transparency over patch status of known applicable CVE's
As a Independent Software Vendor (ISV) that uses Azure SQL DB to run our Software as a Service offering to our customers we get challenges from those customers to verify that the service they are using is mitigated against published CVE's. Where those CVE's are applicable to things like SQL Server or Windows OS we do not have any transparency to assert if the Azure SQL DB service is patched. We have to open a support ticket for each incident. Would love to see some transparency over patched applicable CVEs
Jure Bogataj commented
This would be very nice feature to have for Cloud Services (Classic) also, without the need to RDP-ing to Cloud Service instance.