Azure Machine Learning SSRF

Published Mon, Jun 17th, 2024

Platforms

azure

Summary

Affected Services

Azure Machine Learning

Tracked CVEs

No tracked CVEs

References

https://msrc.microsoft.com/blog/2024/06/mitigating-ssrf-vulnerabilities-impacting-azure-machine-learning/https://www.tenable.com/security/research/tra-2024-22

Entry Status

Stub

Disclosure Date

-

Exploitability Period

-

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

Tenable, Wiz

More vulnerabilities...

high

GitHub Copilot Chat Vulnerable to Data Exfiltration

github

GitHub Copilot Chat VS Code Extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code. The vulnerability allowed attackers to access previous conversat...

wunderwuzzi, Embrace The Red
medium

Issue with Amazon EC2 VM Import Export Service

aws

AWS addressed an issue with the Amazon EC2 VM Import Export Service where importing Windows VMs with custom Sysprep answer files resulted in an unprotected backup copy being created, potentially ex...

Immersive Labs
high

Issue with AWS Deployment Framework

aws

CVE-2024-37293 affects the AWS Deployment Framework's bootstrap process, potentially allowing privilege escalation if an actor has permissions to change CodeBuild projects or Lambda functions. The ...

Xidian University
View all