medium

Azure privilege escalation via Log Analytics role

Published Mon, Sep 13th, 2021
Platforms

Summary

Azure AD users could escalate their privileges using the Log Analytics Contributor role to reach the full Subscription Contributor role.

Affected Services

Log Analytics

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Thu, Oct 15th, 2020
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Karl Fosaaen, NetSPI

More vulnerabilities...

medium

Azure privilege escalation via Log Analytics role

Azure AD users could escalate their privileges using the Log Analytics Contributor role to reach the full Subscription Contributor role.

...
Karl Fosaaen, NetSPI

medium

Azure privilege escalation via Log Analytics role

Azure AD users could escalate their privileges using the Log Analytics Contributor role to reach the full Subscription Contributor role.

...
Karl Fosaaen, NetSPI

medium

Azure privilege escalation via Log Analytics role

Azure AD users could escalate their privileges using the Log Analytics Contributor role to reach the full Subscription Contributor role.

...
Karl Fosaaen, NetSPI

View all