all InfoSec news
Four Azure services vulnerable to sever-ride request forgery flaws
SC Magazine feed for Strategy www.scmagazine.com
The vulnerable services include Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digitals, according to a blog post Tuesday by Orca Security. Among them, two vulnerabilities involving Azure Functions and Azure Digital Twins did not require authentication, meaning that an attacker could exploit them even without an Azure account.
account api api management authentication azure blog blog post digital digital twins exploit flaws forgery functions machine machine learning management orca orca security request security services threat intelligence tuesday vulnerabilities vulnerability management vulnerable