medium

Azure CLI code injection vulnerability

Published Tue, Oct 25th, 2022

Platforms

Summary

Azure CLI contained a code injection vulnerability that could be exploited in a scenario where the host runs a command where parameter values have been provided by an external untrusted source - these could be specially crafted in such a way as to exploit the vulnerability, leading to remote code execution on the host. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols.

Affected Services

Azure CLI

Remediation

Upgrade to Azure CLI 2.40.0 or greater.

Tracked CVEs

No tracked CVEs

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-39327 https://github.com/Azure/azure-cli/security/advisories/GHSA-47xc-9rr2-q7p4 https://github.com/Azure/azure-cli/pull/23514 https://github.com/Azure/azure-cli/pull/24015

Contributed by https://github.com/fooinha

Entry Status

Finalized

Disclosure Date

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Microsoft

More vulnerabilities...

high

Docker Command Escaping in GitHub Actions Runner

A vulnerability in the GitHub Actions Runner allowed untrusted inputs in environment variables to escape and modify docker command invocations. This affected jobs using container actions, job conta...

Juho NurminenOct 24, 2022

BlueBleed

In September 22', SOCRadar discovered an insecure public Azure blob storage owned by Microsoft (olyympusv2.blob.core.windows[.]net). This blob storage was used for storing emails and other document...

SOCRadarOct 19, 2022

medium

Azure Arc-enabled Kubernetes privilege escalation

Azure Arc allows customers to connect on-premises Kubernetes clusters to Azure. This is facilitated by middleware (the Azure Arc-enabled Kubernetes agent) which includes a "cluster connect" feature...

Mo Khan, MicrosoftOct 11, 2022

View all