Tenable uncovers major vulnerability in Microsoft Azure services
Tenable, a prominent exposure management company, has revealed a high-severity vulnerability in Microsoft Azure. The flaw impacts over ten Azure services, including well-known platforms such as Azure Application Insights, Azure DevOps, Azure Machine Learning, Azure API Management, and Azure Logic Apps. Notably, Microsoft has announced that it will not issue a patch for this security gap, opting instead to release centralised documentation to help customers understand service tag usage patterns.
The vulnerability lets attackers bypass firewall rules built around Azure Service Tags by forging requests from trusted services. According to Tenable's findings, a threat actor could exploit Service Tags that were allowed through a user's firewall without additional validation controls. This could give an attacker access to the organisation's Azure services as well as other internal and private Azure services.
Liv Matan, a senior research engineer at Tenable, elaborated on the significance of this discovery: "This vulnerability enables an attacker to control server-side forge requests, thus impersonating trusted Azure services. We highly recommend customers take immediate action. By ensuring that strong network authentication is maintained, users can defend themselves with an additional and crucial layer of security."
Azure customers who rely on Azure Service Tags for their firewall rules are highly vulnerable to this security threat, so these users need to act promptly to mitigate the associated risks. Tenable urges customers to enhance their protection by implementing robust layers of authentication and authorisation.
Further technical details and proof of concept regarding the vulnerability have been published by Tenable. This information aims to help affected Azure users understand the technical aspects of the vulnerability and the steps required to secure their services effectively.
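To locate the firewall rules this advice applies to, the following added example (not code from Tenable or Microsoft) lists inbound allow rules in a network security group whose source is a Service Tag rather than an address range. It assumes rules exported in the `name`/`properties` shape Azure uses for security rules and treats any source that is not an IP, CIDR or `*` as a tag; the sample rules are constructed, and each finding is a rule to check for authentication behind it, not proof of exposure.

```python
import ipaddress

# Constructed sample rules (not from the article), in the shape Azure uses
# for network security group rules. Tag names are sample values.
SAMPLE_RULES = [
    {"name": "allow-devops-agents", "properties": {
        "direction": "Inbound", "access": "Allow", "priority": 100,
        "sourceAddressPrefix": "AzureDevOps", "destinationPortRange": "443"}},
    {"name": "allow-office", "properties": {
        "direction": "Inbound", "access": "Allow", "priority": 110,
        "sourceAddressPrefix": "203.0.113.0/24", "destinationPortRange": "22"}},
    {"name": "allow-mixed", "properties": {
        "direction": "Inbound", "access": "Allow", "priority": 120,
        "sourceAddressPrefixes": ["198.51.100.7", "ApiManagement"],
        "destinationPortRange": "8443"}},
    {"name": "deny-tag", "properties": {
        "direction": "Inbound", "access": "Deny", "priority": 130,
        "sourceAddressPrefix": "LogicApps", "destinationPortRange": "*"}},
]

def is_service_tag(prefix):
    """True when the source is a named tag, not an address, CIDR or '*'."""
    if prefix in ("", "*"):
        return False
    try:
        ipaddress.ip_network(prefix, strict=False)
        return False
    except ValueError:
        return True

def service_tag_allow_rules(rules):
    """Return inbound Allow rules that admit traffic on a Service Tag alone."""
    findings = []
    for rule in rules:
        props = rule.get("properties", {})
        if (props.get("direction", "").lower() != "inbound"
                or props.get("access", "").lower() != "allow"):
            continue
        sources = list(props.get("sourceAddressPrefixes") or [])
        if props.get("sourceAddressPrefix"):
            sources.append(props["sourceAddressPrefix"])
        tags = sorted(s for s in sources if is_service_tag(s))
        if tags:
            findings.append({"rule": rule["name"], "tags": tags,
                             "priority": props.get("priority"),
                             "ports": props.get("destinationPortRange")})
    return findings

if __name__ == "__main__":
    for f in service_tag_allow_rules(SAMPLE_RULES):
        print(f"{f['rule']}: tags={f['tags']} ports={f['ports']}")
```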