all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

Add to bookmarks
Jan. 19, 2023, 12:08 p.m. | Ionut Arghire

SecurityWeek RSS Feed www.securityweek.com

A cross-site request forgery (CSRF) vulnerability impacting the source control management (SCM) service Kudu could be exploited to achieve remote code execution (RCE) in multiple Azure services, cloud infrastructure security firm Ermetic has discovered.


read more

azure cloud cloud infrastructure cloud security code code execution control cross-site cross-site request forgery csrf ermetic exploited forgery infrastructure infrastructure security management news & industry rce remote code remote code execution request scm security service services vulnerabilities vulnerability

Visit resource

More from www.securityweek.com / SecurityWeek RSS Feed

Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices 10 hours ago | www.securityweek.com
android android trojan attackers can +10
Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day 11 hours ago | www.securityweek.com
actively exploited crushftp cve-2024-4040 exploited +6
Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses 11 hours ago | www.securityweek.com
addresses drive drives flash +8
In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO 13 hours ago | www.securityweek.com
china chinese ddos ddos service +15
Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo 13 hours ago | www.securityweek.com
acquisition artificial intelligence cash cybersecurity +10
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors 15 hours ago | www.securityweek.com
automatic backdoors critical cybercrime +11
Predictive Security Startup BforeAI Raises $15 Million 1 day, 9 hours ago | www.securityweek.com
artificial intelligence attack bfore.ai funding +15
Palo Alto Networks Shares Remediation Advice for Hacked Firewalls 1 day, 11 hours ago | www.securityweek.com
advice alto cve cve-2024 +12
Autodesk Drive Abused in Phishing Attacks 1 day, 12 hours ago | www.securityweek.com
accounts attacks autodesk campaign +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs