Microsoft Azure Services Vulnerable To SSRF
Contents
Summary Of The Attack
- On January 17, 2023, four vulnerabilities in Microsoft Azure services were vulnerable to server-side request forgery (SSRF) attacks.
- Services included Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins.
- According to Orca researcher Lidor Ben Shitrit, the impact of these SSRF vulnerabilities on Microsoft Azure Services could have been significant if left unpatched.
- Due to the swift action taken by Microsoft, these vulnerabilities were mitigated before they could cause any major damage.
Stay Up-To-Date On The Latest Attacks
Be the first to know when our experts release new insights on the top attacks.
You're on the list! Just one more step...
Check your email to confirm your subscription.
What Happened?
On January 17, 2023, Orca Security reported that they had discovered four vulnerabilities in Microsoft Azure services that were vulnerable to server-side request forgery (SSRF) attacks.
The affected services included Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins.