critical

Azure App Service RCE

Published Thu, Jan 30th, 2020

Platforms

Summary

A Vulnerability in App Service could allow an unprivileged function run by the user to execute code in the context of NT AUTHORITY\system, thereby escaping the sandbox. This vulnerability allowed cross-account access when using the Free/Shared tier.

Affected Services

App Service

Remediation

Azure Cloud - None required, Azure Stack / Windows Azure Pack Web Sites V2 - Manual update

Tracked CVEs

CVE-2019-1372

References

https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-ii/https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1372

Contributed by https://github.com/r0nen

Entry Status

Finalized

Disclosure Date

Tue, Oct 8th, 2019

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Ronen Shustin, Check Point

More vulnerabilities...

AWS uploaded sensitive data to public GitHub bucket

An AWS employee pushed sensitive data to a public github bucket, including customer information and credentials. Note: This issue is outside the scope of this database's usual criteria for inclusio...

UpguardJan 23, 2020

medium

GCP Speech to Text Information Disclosure

GCP's Speech-to-Text "operations/list" and "operations/get" APIs would return data that did not belong to the caller when no parameters were provided. It is unclear whether this was cross-custome...

Dan MaasJan 12, 2020

low

GCP Stackdriver Debugger SSRF

An SSRF bug in GCP's Stackdriver Debugger feature's code import could have been used to leak the authentication token of the user to an attacker-controlled server. Exploitation would require that t...

Ron ChanDec 19, 2019

View all