medium

Azure Cloud Shell terminal escape

Published Wed, Jan 9th, 2019
Platforms

Summary

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue was later discovered in AWS as well.

Affected Services

Cloudshell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Wed, Jan 9th, 2019
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Felix Wilhelm, Google

More vulnerabilities...

medium

Azure Cloud Shell terminal escape

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue was later discovered in AWS as well.

...
Felix Wilhelm, Google

medium

Azure Cloud Shell terminal escape

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue was later discovered in AWS as well.

...
Felix Wilhelm, Google

medium

Azure Cloud Shell terminal escape

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue was later discovered in AWS as well.

...
Felix Wilhelm, Google

View all