Four Azure services have been found to be vulnerable to “server side Request Forgery” flaws, according to a recent analysis by cybersecurity experts. The services, which are widely used by businesses and organizations, have been identified as Azure Functions, Azure Logic Apps, Azure Event Grid, and Azure Service Bus. The vulnerabilities is found by Orca security team, if exploited, could allow an attacker to gain unauthorized access to sensitive information and potentially disrupt operations.
Microsoft, the company behind Azure, has released patches for the vulnerabilities and is urging users to update their systems as soon as possible. The company has also provided guidance on how to protect against such attacks and how to detect them.
Despite the severity of these flaws, the good news is that no known attacks have been reported as of yet. However, experts warn that it’s only a matter of time before these vulnerabilities are targeted by cybercriminals.
Companies and organizations using Azure services are urged to take immediate action to protect their systems and data. With the increasing cloud services in today’s digital age, it’s more important than ever to stay vigilant and stay updated on potential vulnerabilities.
Stay ahead of the cybercriminals and protect your company’s sensitive information by taking the necessary steps to address these Azure vulnerabilities now.
- In total the security researcher found four Azure services vulnerable to SSRF: Azure API Management, Azure Functions, Azure Machine Learning and Azure Digital Twins.
- We managed to exploit two vulnerabilities without requiring any authentication on the service (Azure Functions and Azure Digital Twins), allowing us to send requests in the name of the server without even having an Azure account.
- The discovered Azure SSRF vulnerabilities allowed an attacker to scan local ports, find new services, endpoints, and files – providing valuable information on possibly vulnerable servers and services to exploit for initial entry and the location of potential information to target.
- SSRF vulnerabilities are particularly dangerous since if attackers are able to access the host’s IMDS (Cloud Instance Metadata Service), this exposes detailed information on instances, including hostname, security group, MAC address and user-data, potentially allowing attackers to retrieve tokens, move to another host, and execute code (RCE).
The researchers reached out to the Microsoft Security Response Center (MSRC), who promptly fixed the reported issues.
Also See :
What is Microsoft Azure Services For?
Microsoft Azure Services is a cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through a global network of Microsoft-managed data centers. It provides a variety of services such as computing power, storage solutions, and networking, as well as a range of tools for building and deploying applications, including support for many different programming languages and frameworks.
Azure also includes a range of services for data management, analytics, and artificial intelligence, and it provides integration with other Microsoft products such as Office 365 and Dynamics 365. Azure is widely used by businesses and organizations of all sizes for a variety of purposes including web and mobile app development, data storage and management, and disaster recovery.