high

Escalating from Reader to Contributor in Azure API Management

Published Fri, Sep 13th, 2024

Platforms

Summary

A vulnerability in Azure API Management allowed users with Reader access to escalate privileges to Contributor level by accessing admin user keys via the ARM API. This permitted full management capabilities through the Direct Management API, including reading secrets and modifying configurations.

Affected Services

API Management

Remediation

Enable "Disable old API versions" setting for Azure API Management instances.

Tracked CVEs

No tracked CVEs

References

https://binarysecurity.no/posts/2024/09/apim-privilege-escalation https://binarysecurity.no/posts/2024/11/apim-privesc

Contributed by https://github.com/korniko98

Entry Status

Stub (AI-Generated)

Disclosure Date

Tue, Apr 30th, 2024

Exploitablity Period

Until 2024/06/04

Known ITW Exploitation

Detection Methods

Monitor for unexpected privilege escalation or configuration changes in Azure API Management resources.

Piercing Index Rating

Discovered by

Christian Håland, Binary Security AS

More vulnerabilities...

high

Security Flaw in AWS Transit Gateway Peering Attachments

A security flaw in AWS Transit Gateway Peering attachments allowed unauthorized acceptance of peering requests between regions. The exploit bypassed the approval step, granting potential unauthoriz...

James Sheard, DoiT

Thu, Sep 12th, 2024

Copilot Studio information disclosure via SSRF

Tenable

Tue, Aug 20th, 2024

high

WireServing Up Credentials in Azure Kubernetes Services

A vulnerability in Azure Kubernetes Services allowed attackers to escalate privileges and access cluster credentials. Affected clusters used Azure CNI for network configuration and Azure for networ...

Nick McClendon, Daniel McNa...

Mon, Aug 19th, 2024

View all