Four Azure Services Vulnerable To SSRF Flaws

Researchers found four Microsoft Azure services that were vulnerable to Server-Side Request Forgery (SSRF), a web security flaw that remains prevalent and poses an ongoing threat to cloud environments.  

The vulnerable services include Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, according to a blog post Tuesday by Orca Security. Among them, two vulnerabilities involving Azure Functions and Azure Digital Twins did not require authentication, meaning that an attacker could exploit them even without an Azure account.  

“The most notable aspect of these discoveries is arguably the number of SSRF vulnerabilities we were able to find with only minimal effort (including another SSRF vulnerability we found last year in Oracle Cloud Services), indicating just how prevalent they are and the risk they pose in cloud environments,” Lidor Ben Shitrit, cloud security researcher at Orca, wrote in the blog post.  

Indeed, SSRF attacks can be particularly dangerous since a successful execution can result in an attacker accessing or modifying internal resources as well as submitting data to external sources. 

In addition, if attackers are able to access the host’s IMDS — their cloud instance metadata service — they could get detailed information on instances, including hostname, security group, MAC address, and user data, which would potentially allow attackers to retrieve tokens, move to another host, and execute code, said Dror Zalman, director of cloud security research at Orca.  
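The usual server-side defence against the IMDS pivot described above is to resolve and check every outbound destination before the request is sent. The following is an added example, not code from Orca's post or from Azure: it rejects any URL whose host is (or resolves to) a link-local, loopback or private address, including the 169.254.169.254 metadata endpoint and its IPv4-mapped IPv6 spelling. The hostnames and the injectable `resolver` are constructed for the demonstration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Cloud instance metadata services sit on the link-local 169.254.0.0/16 range
# (Azure IMDS is 169.254.169.254); the other ranges are internal networks an
# SSRF would otherwise be able to reach from inside the tenant.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("169.254.0.0/16"),   # link-local, includes IMDS
    ipaddress.ip_network("127.0.0.0/8"),      # loopback
    ipaddress.ip_network("0.0.0.0/8"),        # "this" network, treated as local
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("::1/128"),          # IPv6 loopback
    ipaddress.ip_network("fe80::/10"),        # IPv6 link-local
    ipaddress.ip_network("fc00::/7"),         # IPv6 unique local
]


def default_resolver(host):
    """Resolve a hostname to all of its addresses (real DNS; swapped out in tests)."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def is_safe_outbound_url(url, resolver=default_resolver):
    """Return True only if the URL is http(s) and every address the host
    maps to lies outside BLOCKED_NETWORKS. Any resolution failure is unsafe."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname
    try:
        addrs = [ipaddress.ip_address(host)]          # host is an IP literal
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
        except (socket.gaierror, ValueError, KeyError):
            return False
    if not addrs:
        return False
    for addr in addrs:
        # ::ffff:169.254.169.254 is the same endpoint as 169.254.169.254
        if addr.version == 6 and addr.ipv4_mapped is not None:
            addr = addr.ipv4_mapped
        if any(addr in net for net in BLOCKED_NETWORKS):
            return False
    return True
```

Because the hostname is resolved again when the HTTP client connects, a production version should also pin the checked address for the actual connection, otherwise a DNS answer that changes between check and use (rebinding) bypasses the check.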

In the 2019 Capital One data breach, the hacker started by exploiting SSRF vulnerabilities
