Tuesday, Sept. 24, 2024, 10:02 p.m.
Technology / Tue, 04 Jun 2024 CybersecurityNews

Microsoft Azure Vulnerability Let Attackers Bypass Firewall Rules


Tenable Research has uncovered a significant vulnerability in Microsoft Azure that allows malicious attackers to bypass firewall rules by forging requests from trusted services.

This vulnerability affects several Azure services, including:

Azure Application Insights

Azure DevOps

Azure Machine Learning

Azure Logic Apps

Azure Container Registry

Azure Load Testing

Azure API Management

Azure Data Factory

Azure Action Group

Azure AI Video Indexer

Azure Chaos Studio

Severity and Impact

Tenable Research has classified this vulnerability as a Security Feature Bypass issue.


While the Common Vulnerability Scoring System (CVSS) is typically used to measure the severity of vulnerabilities, Tenable suggests a severity rating of High for this issue due to its impact on data integrity and confidentiality.

Microsoft Security Response Center (MSRC) has acknowledged the issue as an Elevation of Privilege with a severity rating of Important and has awarded a bounty for its discovery.

Solution and Recommendations

Microsoft has opted to address the issue by creating centralized documentation to inform customers about usage patterns for service tags. However, the vulnerable behavior still exists in customer environments.

Users are advised to add authentication and authorization layers to defend their assets on top of the network controls administered using service tags.
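As a starting point for that review, the added example below (not code from Tenable or Microsoft) lists inbound Allow rules in a network security group whose source is a service tag rather than an IP range, so each backend behind them can be checked for its own authentication and authorization. It assumes rules exported as JSON in the shape `az network nsg rule list -o json` produces; the sample rules and their names are constructed.

```python
import ipaddress

# Constructed sample rules in the shape of `az network nsg rule list -o json`.
SAMPLE_RULES = [
    {"name": "allow-apim", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "ApiManagement", "sourceAddressPrefixes": [],
     "destinationPortRange": "443"},
    {"name": "allow-office", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "203.0.113.0/24", "sourceAddressPrefixes": [],
     "destinationPortRange": "443"},
    {"name": "allow-mixed", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": None,
     "sourceAddressPrefixes": ["198.51.100.7", "AzureDevOps"],
     "destinationPortRange": "8080"},
    {"name": "deny-all", "direction": "Inbound", "access": "Deny",
     "sourceAddressPrefix": "*", "sourceAddressPrefixes": [],
     "destinationPortRange": "*"},
]

# Default tags that do not name a shared, multi-tenant Azure service.
DEFAULT_TAGS = {"VirtualNetwork", "AzureLoadBalancer", "Internet"}

def is_service_tag(source):
    """True when a source is a named service tag, not an IP, CIDR or wildcard."""
    if source in ("*", "", None) or source in DEFAULT_TAGS:
        return False
    try:
        ipaddress.ip_network(source, strict=False)
        return False
    except ValueError:
        return True

def rules_trusting_service_tags(rules):
    """Return (rule name, tag, port) for inbound Allow rules sourced from a tag."""
    findings = []
    for rule in rules:
        if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
            continue
        sources = [rule.get("sourceAddressPrefix")] + list(rule.get("sourceAddressPrefixes") or [])
        for src in sources:
            if is_service_tag(src):
                findings.append((rule["name"], src, rule.get("destinationPortRange")))
    return findings

if __name__ == "__main__":
    for name, tag, port in rules_trusting_service_tags(SAMPLE_RULES):
        print(f"{name}: port {port} open to service tag {tag}; verify backend authn/authz")
```

A rule that appears in the output is not itself a misconfiguration; it marks a backend whose only gate may be the service tag.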

The timeline of the disclosure process is as follows:

January 24, 2024: Tenable discloses the vulnerability to Microsoft. Automated acknowledgment received.

January 31, 2024: MSRC confirms the reported behavior and awards a bounty.

February 2, 2024: MSRC devises a comprehensive fix plan and an implementation timeline.

February 26, 2024: MSRC decided to address the issue via a comprehensive documentation update and addressed more vulnerability variants.

March 6, 2024: Coordinated disclosure in May is agreed upon.

April 30, 2024: Tenable provides a blog draft to MSRC.

April 30 – May 10, 2024: Tenable coordinates with MSRC to incorporate technical comments.

June 3, 2024: Coordinated disclosure.

This vulnerability highlights the importance of robust security measures and the need for continuous monitoring and updating of security protocols.

Users of the affected Azure services should take immediate action to implement additional authentication and authorization layers to protect their assets.
