all InfoSec news
Multiple SSRF vulnerablities in Azure services
Jan. 17, 2023, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
Azure Digital Twins Explorer and Azure Functions, and authenticated SSRF in Azure API
Management Service and Azure Machine Learning Service. All four vulnerabilities were
full (non-blind) SSRF. The impact of these vulnerabilities was limited: while they
would have allowed an adversary to scan local ports and find new services, endpoints,
and files; they would not have allowed them to access metadata, connect to internal
services, access unauthorized data, or …
access adversary api api management azure connect digital digital twins endpoints explorer files find functions impact local machine machine learning management metadata non ports scan service services ssrf vulnerabilities vulnerablities
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
3 weeks, 1 day ago |
www.cloudvulndb.org
AWS Glue database password leakage
3 weeks, 5 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Pipelines Agent poisoned pipeline execution
4 months, 2 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Security Operations Program Manager
@ Microsoft | Redmond, Washington, United States
Sr. Network Security engineer
@ NXP Semiconductors | Bengaluru (Nagavara)
DevSecOps Engineer
@ RP Pro Services | Washington, District of Columbia, United States
Consultant RSSI H/F
@ Hifield | Sèvres, France
TW Senior Test Automation Engineer (Access Control & Intrusion Systems)
@ Bosch Group | Taipei, Taiwan
Cyber Security, Senior Manager
@ Triton AI Pte Ltd | Singapore, Singapore, Singapore