High Severity Vulnerability Discovered in Microsoft Azure Services

News Desk -


Tenable, a leading Exposure Management company, has unveiled a significant vulnerability in Microsoft Azure. Discovered by Tenable’s Cloud Research Team, this high severity flaw impacts over 10 Azure services, including Azure Application Insights, Azure DevOps, Azure Machine Learning, Azure API Management, and Azure Logic Apps. Notably, Microsoft will not release a patch for this vulnerability. Instead, the company has provided centralized documentation to guide customers on appropriate usage patterns for service tags.

Vulnerability Details and Risks

Azure Service Tags are named groups of IP address ranges that Microsoft publishes for its services, and a firewall rule that allows a service tag allows every address in those ranges. This vulnerability lets an attacker abuse that trust: by getting a trusted Azure service to send requests the attacker controls, the attacker's traffic originates from an IP address inside that service's tag and passes firewall rules keyed on the tag. Without additional validation controls, threat actors can use this to get through a customer's firewall and reach both the organization's Azure services and other internal, private Azure resources that those rules were meant to protect.

Expert Recommendations

Liv Matan, Senior Research Engineer at Tenable, highlights the severity of the issue: “This vulnerability enables an attacker to control server-side forged requests, thus impersonating trusted Azure services. We highly recommend customers take immediate action. By ensuring that strong network authentication is maintained, users can defend themselves with an additional and crucial layer of security.”

Immediate Actions for Azure Customers

Azure customers whose firewall rules allow traffic based on Azure Service Tags are particularly at risk, because such a rule trusts a source IP range rather than the caller behind it. To mitigate this vulnerability, treat service tags as a network-layer filter only and require authentication and authorization at the application layer as well (for example, a token, certificate, or signed request that the receiving service verifies). This provides the layer of security that a service tag alone cannot.
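As an added example that is not part of the article or of Tenable's or Microsoft's material, the following Python models the two layers discussed in the vulnerability details and in the recommended mitigation: a firewall rule keyed on a service tag, which only tests the source IP against the tag's published ranges, and an application-layer check on the request itself. The tag data, IP ranges, request and shared secret are constructed for illustration, and the HMAC scheme stands in for whatever authentication (tokens, certificates, signed requests) the receiving service actually enforces.

```python
"""Added example (not from the article, Tenable or Microsoft): a firewall
rule keyed on an Azure service tag admits any caller whose source IP falls
inside the tag's published ranges, so an attacker who can make a trusted
service send requests on their behalf passes it; an application-layer
check (here an HMAC-signed request) is what actually distinguishes callers."""
import hashlib
import hmac
import ipaddress
import json

# Constructed sample in the shape of Microsoft's downloadable service-tag
# JSON. The prefixes are RFC 5737 documentation ranges, not real Azure ranges.
SERVICE_TAGS_JSON = json.dumps({
    "values": [
        {"name": "AzureCloud.eastus",
         "properties": {"addressPrefixes": ["203.0.113.0/24", "198.51.100.0/25"]}},
        {"name": "Storage.eastus",
         "properties": {"addressPrefixes": ["192.0.2.0/26"]}},
    ]
})

# Assumption: a per-client secret provisioned out of band (hypothetical value).
SHARED_SECRET = b"hypothetical-client-secret"


def load_service_tags(raw):
    """Map each service-tag name to its list of IP networks."""
    tags = {}
    for entry in json.loads(raw)["values"]:
        prefixes = entry["properties"]["addressPrefixes"]
        tags[entry["name"]] = [ipaddress.ip_network(p) for p in prefixes]
    return tags


def network_rule_allows(src_ip, allowed_tags, tags):
    """The firewall's view: allow if the source IP lies in any allowed tag.
    Every tenant of every service inside those ranges looks identical here."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for tag in allowed_tags for net in tags.get(tag, []))


def sign_request(method, path, body, secret):
    """HMAC-SHA256 over the request line and body; the client attaches the
    hex digest as a header and the service recomputes it."""
    msg = f"{method}\n{path}\n".encode() + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def request_allowed(req, allowed_tags, tags, secret):
    """Two layers: service-tag filter first, then request authentication.
    Returns (allowed, reason)."""
    if not network_rule_allows(req["src_ip"], allowed_tags, tags):
        return False, "blocked: source not in an allowed service tag"
    expected = sign_request(req["method"], req["path"], req["body"], secret)
    if not hmac.compare_digest(expected, req.get("signature", "")):
        return False, "blocked: inside a trusted tag but request is unauthenticated"
    return True, "allowed"


if __name__ == "__main__":
    tags = load_service_tags(SERVICE_TAGS_JSON)
    allowed = ["AzureCloud.eastus"]
    # Constructed attacker traffic: relayed through a trusted Azure service,
    # so it arrives from inside AzureCloud.eastus but carries no signature.
    attacker = {"src_ip": "203.0.113.77", "method": "GET",
                "path": "/internal/export", "body": b""}
    print("network rule only:", network_rule_allows(attacker["src_ip"], allowed, tags))
    print("with auth:", request_allowed(attacker, allowed, tags, SHARED_SECRET))
    legit = dict(attacker)
    legit["signature"] = sign_request("GET", "/internal/export", b"", SHARED_SECRET)
    print("legit signed request:", request_allowed(legit, allowed, tags, SHARED_SECRET))
```

The network check alone cannot tell the relayed attacker request from a legitimate one, since both arrive from inside the allowed tag; only the signature check, which depends on a secret the attacker does not hold, rejects it.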

Stay Protected

Ensure your Azure services are secure by following Microsoft’s guidance on service tag usage patterns and maintaining strong network authentication. Stay informed and proactive to protect your organization from potential threats.

For more information and detailed guidance, refer to Microsoft’s centralized documentation on this issue.

