all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

Add to bookmarks
Jan. 19, 2023, 12:08 p.m. | Ionut Arghire

SecurityWeek RSS Feed www.securityweek.com

A cross-site request forgery (CSRF) vulnerability impacting the source control management (SCM) service Kudu could be exploited to achieve remote code execution (RCE) in multiple Azure services, cloud infrastructure security firm Ermetic has discovered.


read more

azure cloud cloud infrastructure cloud security code code execution control cross-site cross-site request forgery csrf ermetic exploited forgery infrastructure infrastructure security management news & industry rce remote code remote code execution request scm security service services vulnerabilities vulnerability

Visit resource

More from www.securityweek.com / SecurityWeek RSS Feed

In Other News: Apple WPS Surveillance, Canadian Gov Wants Backdoors, NIST AI Program 1 day, 18 hours ago | www.securityweek.com
apple backdoors can canadian +12
Information of Hundreds of European Politicians Found on Dark Web 1 day, 20 hours ago | www.securityweek.com
addresses british dark dark web +7
Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers 1 day, 21 hours ago | www.securityweek.com
actor botnet brick bricked +10
CISA Warns of Exploited Linux Kernel Vulnerability 1 day, 21 hours ago | www.securityweek.com
cisa cisa kev cve cve-2024 +13
OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit 1 day, 21 hours ago | www.securityweek.com
ai summit artificial intelligence board board members +9
Hackers Boast Ticketmaster Breach on Relaunched BreachForums 1 day, 22 hours ago | www.securityweek.com
breach breachforums data data breach +8
BBC Data Breach Impacts 25,000 Employees 1 day, 23 hours ago | www.securityweek.com
bbc breach current data +5
Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero 2 days, 14 hours ago | www.securityweek.com
access acquisition bastionzero bolster +19
Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach? 2 days, 15 hours ago | www.securityweek.com
ai apps artificial intelligence bots +22

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com