Misconfigured CORS may lead to excessive access of resources to existing clients. It may even expose private endpoints/data to unauthorized/malicious clients.
In Azure Console -
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/healthcare-apis/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/healthcare_service#cors_configuration