Azure service tags vulnerability highlighted by Tenable | TechTarget

Azure service tags vulnerability highlighted by Tenable | TechTarget

Tenable discovered a high-severity vulnerability in Microsoft’s Azure Network service tags that could allow attackers to bypass firewall rules. Microsoft, however, rejected the classification of the issue as a vulnerability and instead provided customers with enhanced guidance on mitigating the risk. While Microsoft acknowledged Tenable’s contribution to the Azure community, the company stated that service … Read more

Microsoft Rewards Tenable Bug Bounty for Azure Vulnerability, Deems Fix Unnecessary but Documentation Improvement Required.

Microsoft Rewards Tenable Bug Bounty for Azure Vulnerability, Deems Fix Unnecessary but Documentation Improvement Required.

A security flaw in Microsoft’s Azure cloud discovered by Tenable Vulnerability Assessment Team researchers allows bad actors to bypass firewall rules and access private web resources of other Azure customers. The issue stems from service tags in Azure that group IP addresses used by Azure services. Tenable warns that a rogue Azure customer could exploit … Read more