Azue Health privilege escalation via SSRF

Published Tue, Aug 13th, 2024

Platforms

Summary

Affected Services

Azure Health

Tracked CVEs

No tracked CVEs

References

https://www.tenable.com/blog/compromising-microsofts-ai-healthcare-chatbot-service

Entry Status

Stub

Disclosure Date

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Tenable

More vulnerabilities...

high

Privilege Elevation Vulnerability in Entra ID

Semperis researchers discovered vulnerabilities in Microsoft applications that allowed privilege elevation in Entra ID beyond expected authorization controls. The most severe finding enabled adding...

Eric Woodruff, SemperisAug 7, 2024

high

Bucket Monopoly Attack on AWS Services

Researchers discovered critical vulnerabilities in 6 AWS services that could allow attackers to breach accounts through malicious S3 buckets. By claiming predictable bucket names, attackers could i...

Yakir Kadkoda, Ofek Itach, ...Aug 7, 2024

high

GCP Cloud Functions Privilege Escalation Vulnerability

A privilege escalation vulnerability dubbed "ConfusedFunction" was discovered in Google Cloud Platform's Cloud Functions service. It allows attackers to escalate privileges from Cloud Function perm...

Liv Matan, TenableJul 24, 2024

View all