all InfoSec news
Lethal Injection
May 7, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
These could have potentially exposed sensitive user data and granted attackers extensive control, allowing
unrestricted code execution as root on the bot backend, unrestricted access to authentication secrets &
integration auth providers, unrestricted memory read in the bot backend, exposing sensitive secrets,
allowing cross-tenant data access and unrestricted deletion of other tenants' public resources.
These issues stemmed from various bugs related to URL sanitization, shared compute, and …
access amp attackers auth authentication azure backend bot chatbot code code execution control data exposed exposing health injection integration memory microsoft platform root secrets sensitive service uncovered user data vulnerabilities
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Glue database password leakage
1 month, 1 week ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
3 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
3 months, 2 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Principal Security Research Engineer (Prisma Cloud)
@ Palo Alto Networks | Bengaluru, India
National Security Solutions Fall 2024 Co-Op - Positioning, Navigation and Timing (PNT) Intern
@ KBR, Inc. | USA, Beavercreek Township, 4027 Colonel Glenn Highway, Suite 300, Ohio
Sr Principal Embedded Security Software Engineer
@ The Aerospace Corporation | HIA32: Cedar Rapids, IA 400 Collins Rd NE , Cedar Rapids, IA, 52498-0505 USA