all InfoSec news
Microsoft Azure Synapse Analytics - Privilege Escalation via Vegas Caching Service
Tenable Research Advisories www.tenable.com
A security issue was discovered within Microsoft’s Azure Synapse that allowed for privilege escalation to root on hosts managed by an internal Microsoft subscription ID. While we do not believe that cross-tenant access was possible via this vector, this issue granted access to potentially sensitive environmental information and allowed for the ability to forge data sent to a variety of monitoring services.
The elevated privilege level granted access to… …
analytics azure azure synapse caching escalation microsoft microsoft azure privilege privilege escalation service synapse vegas