all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Four Azure services vulnerable to sever-ride request forgery flaws

Add to bookmarks
Jan. 17, 2023, 11:16 p.m. | Menghan Xiao

SC Magazine feed for Strategy www.scmagazine.com

The vulnerable services include Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digitals, according to a blog post Tuesday by Orca Security. Among them, two vulnerabilities involving Azure Functions and Azure Digital Twins did not require authentication, meaning that an attacker could exploit them even without an Azure account.  

account api api management authentication azure blog blog post digital digital twins exploit flaws forgery functions machine machine learning management orca orca security request security services threat intelligence tuesday vulnerabilities vulnerability management vulnerable

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 12 hours ago | www.scmagazine.com
api security application security attacks bugs +10
Securing Backups - SWN Vault 1 day, 15 hours ago | www.scmagazine.com
backups securing security-strategy-plan-budget vault
Five elements of proactive patching 1 day, 20 hours ago | www.scmagazine.com
devsecops industry open source patchconfiguration-management +4
Alleged Russian cybercriminal faces US fraud charges 2 days, 15 hours ago | www.scmagazine.com
access access broker bleepingcomputer broker +26
New Army Cyber Command tool leveraged by Defense Department in achieving federal AI goals 2 days, 16 hours ago | www.scmagazine.com
aiml army artificial artificial intelligence +24
House committee OKs independent Cyber Force 2 days, 16 hours ago | www.scmagazine.com
authorization bill cyber cybersecurity +14
US facing unprecedented foreign influence threats, ex-official says 2 days, 16 hours ago | www.scmagazine.com
aiml artificial artificial intelligence china +23
Improved biometric security sought by new FIDO Alliance certification 2 days, 16 hours ago | www.scmagazine.com
aiml alliance authentication bias +19
Data-level ransomware prevention aimed by novel Cigent platform 2 days, 16 hours ago | www.scmagazine.com
cigent compromise data data encryption +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com