CyberSecurityBoard
Sponsor Register Login

CSRF Vulnerability in Kudu SCM Allowed Code Execution on Azure Services

Microsoft recently patched a Cross-Site Request Forgery (CSRF) vulnerability in its popular Kudu SCM, that allowed attackers to perform remote code execution (RCE) on Azure services. The vulnerability, found in the Kudu SCM, was discovered and reported by security researcher Michael Gillespie. Kudu SCM is a web-based version control system that enables developers to store, manage, and even debug their code on the cloud. Specifically, Gillespie found that the CSRF vulnerability in the Kudu SCM had the potential to allow remote code execution on any Azure Service with a specific URL. Gillespie discovered that the CSRF vulnerability was the result of a missing input validation in the “KUDU_UI_SETTINGS” POST parameter. This could allow an attacker to launch a stored XSS attack by sending malicious JavaScript in an HTTP request. If successful, the attacker could then execute arbitrary code on the target service. Microsoft quickly responded after becoming aware of the flaw and patched the vulnerability on February 17, 2021. The CSRF vulnerability in Kudu SCM reinforces the importance of input validation in web applications. Without the appropriate implementation of input validation, third parties can leverage such a flaw to execute arbitrary code on a target computer or service. Developers should always ensure that their systems are up to date and receive regular security patches. They should also consider the use of additional security measures such as web application firewalls or intrusion prevention systems (IPS) to protect their services from potential malicious actors.

This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000


Cyber News related to CSRF Vulnerability in Kudu SCM Allowed Code Execution on Azure Services

CSRF Vulnerability in Kudu SCM Allowed Code Execution on Azure Services - Microsoft recently patched a Cross-Site Request Forgery (CSRF) vulnerability in its popular Kudu SCM, that allowed attackers to perform remote code execution (RCE) on Azure services. The vulnerability, found in the Kudu SCM, was discovered and ...
1 year ago Securityweek.com
What is Azure Identity Protection and 7 Steps to a Seamless Setup - As a result, tools such as Microsoft's Azure Identity Protection have become a staple in protecting against compromised identities, account takeover, and misuse of privileges. Azure Identity Protection is a security service that provides a robust ...
7 months ago Securityboulevard.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
7 months ago Blog.checkpoint.com
CVE-2017-9792 - In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying ...
5 years ago
Azure Service Tags tagged as security risk, Microsoft disagrees - Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers' private data. Service Tags are groups of IP addresses for a specific Azure service ...
6 months ago Bleepingcomputer.com
Microsoft fixes critical Azure CLI flaw that leaked credentials in logs - Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. ...
1 year ago Bleepingcomputer.com
Signing Executables With Azure DevOps - This signing tool is compatible with all major executable files and works impeccably with all OV and EV code signing certificates. It's mostly used with Azure DevOps due to the benefit of Azure Key Vault. Here, you will undergo the complete procedure ...
11 months ago Feeds.dzone.com
Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
1 year ago Feeds.dzone.com
Azure Serial Console Attack and Defense - This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders' preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various ...
1 year ago Msrc.microsoft.com
Azure MACC Credits Gathering Dust? Use Them to Get the Best Prevention-First Security - As we enter 2024, your organization may have unused MACC or Azure commit-to-consume credits as your annual renewal date draws near. Whether you have credits that will soon expire or are starting to plan your Azure spend for the next 12 months, Check ...
11 months ago Blog.checkpoint.com
Explore How Emojideploy Botnet Exploited Microsoft Azure for Remote Code Execution - As cloud computing gains more popularity among businesses, the threat of cyber-attack surfaces to the fore. Microsoft Azure is not immune to security issues, as the recent exploit involving Emojideploy Botnet demonstrates. In this article, we will ...
1 year ago Securityaffairs.com
Fortifying confidential computing in Microsoft Azure - I wrote about how Microsoft used Intel's secure extensions to its processor instruction sets to provide a foundation for confidential computing in Azure a few years ago. In the years since, the confidential computing market has taken a few steps ...
1 year ago Infoworld.com
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation - Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three ...
1 year ago Thehackernews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
1 year ago Securityaffairs.com
Marketing Strategies for PaaS Services: Get Ahead of the Curve - With the ever-growing demand for cloud-based performance and services, Platform-as-a-Service (PaaS) is becoming increasingly critical for modern software development. PaaS is a cloud-based platform, providing businesses with an integrated suite of ...
1 year ago Hackread.com
CVE-2022-39293 - Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in ...
2 years ago
Microsoft extends Windows Server 2012 ESUs to October 2026 - Microsoft provides three more years of Windows Server 2012 Extended Security Updates until October 2026, giving administrators more time to upgrade or migrate to Azure. The company also prolonged the end date for Windows Server 2012 and extended ...
1 year ago Bleepingcomputer.com
CVE-2021-35541 - Vulnerability in the PeopleSoft Enterprise SCM product of Oracle PeopleSoft (component: Supplier Portal). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to ...
3 years ago
CVE-2017-10368 - Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Supported versions that are affected are 9.1.00 and 9.2.00. Easily exploitable vulnerability allows ...
5 years ago
CVE-2020-2899 - Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via ...
4 years ago
CVE-2019-2519 - Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated ...
4 years ago
CVE-2024-29195 - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or ...
8 months ago
Microsoft Mitigates Three Vulnerabilities in Azure HDInsight - Microsoft recently remediated one Denial of Service and two Escalation of Privilege vulnerabilities affecting third party components of Azure HDInsight. The Microsoft Security Response Center continually works with security researchers who discover ...
1 year ago Msrc.microsoft.com
5 Best Practices for Securing Azure Resources - Cloud computing has become the backbone for modern businesses due to its scalability, flexibility and cost-efficiency. As organizations choose cloud service providers to power their technological transformations, they must also properly secure their ...
9 months ago Crowdstrike.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)