high

Azure Cloud Shell access token theft

Published Tue, Sep 20th, 2022
Platforms

Summary

An issue in Azure Cloud Shell could have allowed an attacker to take over an Azure App Service domain and leverage it to inject and execute commands in other tenants' terminals if they navigated to the domain while logged into their account. Using this method, an attacker could query the Azure IMDS on other tenants' behalf and thereby obtain their access tokens.

Affected Services

Cloud Shell

Remediation

None required.

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Sat, Aug 20th, 2022
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Gafnit Amiga, Lightspin