Published Tue, Jan 17th, 2023
Platforms
SSRF vulnerabilities were discovered in four Azure services: unauthenticated SSRF in Azure Digital Twins Explorer and Azure Functions, and authenticated SSRF in Azure API Management Service and Azure Machine Learning Service. All four vulnerabilities were full (non-blind) SSRF. The impact of these vulnerabilities was limited: while they would have allowed an adversary to scan local ports and find new services, endpoints, and files, they would not have allowed them to access metadata, connect to internal services, access unauthorized data, or obtain cross-tenant access.
Azure Machine Learning Service, Azure API Management Service, Azure Functions, Azure Digital Twins Explorer
None required
No tracked CVEs
Contributed by https://github.com/korniko98
Entry Status
Finalized
Disclosure Date
Sat, Oct 8th, 2022
Exploitability Period
-
Known ITW Exploitation
-
Detection Methods
None
Piercing Index Rating
-
Discovered by
Lidor Ben Shitrit, Orca Security