Microsoft Patches Serious Azure Cloud Security Flaws
A recent article in Dark Reading takes a look at the vulnerabilities Ermetic found in Azure's API Management Service that could allow access sensitive data.
In a recent article for Dark Reading, Elizabeth Montalbano takes a look at the three recently patched vulnerabilities in Microsoft's Azure cloud platform that could have allowed attackers to access sensitive info, deny access to the server or scan the internal network to mount further attacks. The vulnerabilities were first found and reported by the Ermetic Research Team.
The high risk flaws included two SSRF vulnerabilities and a file upload path traversal on an internal Azure workload. Microsoft responded quickly to Ermetic's report of the flaws and fully patched them. No further action is necessary for Azure customers.
Read more about the vulnerabilities and the Research Team's findings in Elizabeth Montalbano's article on Dark Reading.