Tenable Cloud Research Team has discovered a high-severity vulnerability in Azure that affects over 10 Azure services, such as Azure Application Insights, Azure DevOps, Azure Machine Learning, Azure API Management, and Azure Logic Apps.
“This vulnerability enables an attacker to control server-side forge requests, thus impersonating trusted Azure services,” explains Liv Matan, senior research engineer at Tenable.
Vulnerability exploitation
The Tenable Cloud Research Team found that the vulnerability allows a malicious player to bypass firewall rules based on Azure Service Tags by forging requests from trusted services.
Attackers could exploit Service Tags allowed through a user’s firewall without additional validation controls. Further, by exploiting this vulnerability, malicious players can access an organisation’s Azure service and other internal and private Azure services.
Taking action
As Azure customers whose firewall rules rely on Azure Service Tags for security are at risk from this vulnerability, Tenable urges them to take immediate action and add more authentication and authorisation layers.
“We highly recommend customers take immediate action. By ensuring that strong network authentication is maintained, users can defend themselves with an additional and crucial layer of security,” Matan added.
