[Nulled] » Information security » Orca provided information about 4 server-side request forgery attacks (SSRF)
January 23 2023

Orca provided information about 4 server-side request forgery attacks

Orca provided information about 4 server-side request forgery attacks (SSRF) in Microsoft Azure services, including two errors that could be used without authentication for unauthorized access to cloud resources.

The security issues discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning and Azure Digital Twins have since been fixed by Microsoft, the latter was closed on December 20.

Among the main problems are the following:

- SSRF without authentication in Azure Digital Twins Explorer due to a vulnerability in the /proxy/blob endpoint that can be used to get a response from any service with the suffix "blob.core.windows[.]net".

- SSRF without authentication in Azure functions that can be used to enumerate local ports and access internal endpoints.

- An authenticated SSRF in the Azure API Management Service, which can be used to get a list of internal ports, including the port associated with the source code management service, which can then be used to access confidential files.

- Authenticated SSRF in Azure Machine Learning service via endpoint /datacall/streamcontent, which can be used to extract content from arbitrary endpoints.

The discovered Azure SSRF vulnerabilities allowed an attacker to scan local ports, discover new services, endpoints, and confidential files. This information regarding vulnerable servers and services is of high value when planning initial access and subsequent goal setting.

Two vulnerabilities affecting the functions of Azure and Azure Digital Twins can be exploited without any authentication, which allows an attacker to take control of the server without even having an Azure account.

SSRF attacks can have serious consequences because they allow an attacker to read or modify internal resources and, even worse, switch to other hosts, hack systems to extract valuable data.

Three vulnerabilities are rated as important in severity, and the SSRF vulnerability affecting Azure machine learning is rated as low. All weak points can be used to manipulate the server in order to carry out further attacks against a vulnerable target.

Orca researchers note that all four vulnerabilities can be exploited via XXE (external XML object), SVG files, proxy server, PDF rendering, or a vulnerable query string in the URL.

To reduce the risk of threats, users are advised to check all input data, make sure that the servers are configured to allow only the necessary incoming and outgoing traffic, avoid incorrect configurations and adhere to the principle of least privilege (PoLP).

Later, Microsoft published a blog post explaining that the vulnerabilities had a low severity rating because they did not allow access to confidential information or Azure server services.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: AdequateSchizo
  • Date of publication: 23 January 2023 12:24
  • Publication category(s): Information security
  • Number of views of the publication: 183
  • Number of comments to the publication: 0

Related News

16 January 2023
Information security
Microsoft, as usual,

Microsoft, as usual, quietly fixed an important security vulnerability in the Azure service (ACS) after

Read more
23 January 2023
Information security
The OpenText Enterprise

The OpenText Enterprise Content Management (ECM) system is subject to a variety of vulnerabilities, including

Read more
23 February 2022
Programming
PowerShell

PowerShell Command Interpreter Wikipedia An extensible open source automation tool from Microsoft, consisting of a

Read more
16 January 2023
Information security»,Protection and hacking»,DDOS
Let's go back to Zerobot

Let's go back to Zerobot, which was originally reported by Fortinet two weeks ago. The Internet of Things (IoT)

Read more
16 January 2023
Information security
Microsoft's January

Microsoft's January PatchTuesday was released with fixes for a record 98 documented software vulnerabilities.

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +4 Total articles 6751
  • +19 Comments 4238
  • +34 Users : 6079