In a recent report, security company Tenable claimed to have discovered a high-severity vulnerability in Microsoft Azure that could potentially allow for a cross-tenant attack. The vulnerability involves bypassing Azure service tag-based firewall rules, which are used for enabling firewall whitelisting for Azure services. Attackers could exploit this flaw by sending customizable HTTP requests through an Azure service to gain access to company resources, even with firewalls configured to allow passage.
Microsoft responded to Tenable’s disclosure of the attack proof of concept by awarding a bug bounty but later stated that Tenable had not actually found a server-side request forgery flaw or firewall bypass vulnerability. Microsoft attributed the issue to customers not fully understanding how to configure service tags and their intended purpose. Instead of relying solely on service tags for protection, Microsoft emphasized the importance of authenticating web requests to prevent vulnerabilities associated with web traffic.
Tenable, however, maintains that it did uncover a security vulnerability, despite Microsoft’s assessment. While adding authentication can enhance security measures, it does not address the fundamental problem. The issue highlights the need for a multi-layered security approach and validates only trusted network traffic for service tags to enhance cloud security.
Noam Dahan, research manager at Tenable, pointed out potential limitations for attackers, such as needing to know or guess the target Azure domain. While this may pose a challenge, leaked information or other methods could help attackers deduce the domain and exploit the vulnerability. Microsoft’s recommendation to mitigate these risks is to include authentication tokens in HTTPS headers for added security.
In conclusion, the recent security investigation by Tenable on Azure’s vulnerability underscores the importance of understanding and configuring cloud environments properly. Microsoft advises customers to take a proactive approach to cloud security by implementing multi-layered security measures, including authenticating web requests and validating only trusted network traffic. By addressing these vulnerabilities, organizations can better protect their cloud infrastructure from potential threats and unauthorized access.
Article Source
https://www.bankinfosecurity.com/microsoft-says-azure-cloud-attack-scenario-isnt-flaw-a-25435
