medium

ACSESSED

Published Thu, Dec 22nd, 2022

Platforms

Summary

Azure Cognitive Search (ACS) is a full-text search engine service. A new non-default feature allowed for a network control to bypassed, permitting an attacker to submit search queries to any other tenant's network-isolated ACS instance. However, abusing this required a valid API key to access the data plane of the target, along with a number of pieces of information about the target environment (such as the subscription ID and the name of the index to query).

Affected Services

Cognitive Search

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://www.mnemonic.io/resources/blog/acsessed-cross-tenant-network-bypass-in-azure-cognitive-search/

Contributed by https://github.com/techbrunch

Entry Status

Finalized

Disclosure Date

Wed, Feb 23rd, 2022

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

7.66

(PI:1.5/A1:20/A2:1/A7:1.1/A8:0.7)

Discovered by

Emilien Socchi, mnemonic

More vulnerabilities...

medium

Azure Serverless Functions escape to host

In Azure Serverless Functions, a new container is generated by the host for every function, which is then terminated and deleted after several minutes. Palo Alto discovered that an API call was ava...

Aviv Sasson, Daniel Prizman...

Thu, Dec 15th, 2022

critical

ECR Public vulnerability in undocumented API

A vulnerability in Elastic Container Registry (ECR) Public could have allowed a malicious actor to delete, update, or create ECR Public images, layers, or tags in registries and repositories belong...

Gafnit Amiga, Lightspin

Tue, Dec 13th, 2022

critical

Hell's Keychain

IBM Cloud Databases for PostgreSQL was vulnerable to an attack sequence comprised of PostgreSQL privilege escalation via SQL Injection and chaining of three secrets scattered in the service environ...

Ronen Shustin, Shir Tamari,...

Thu, Dec 1st, 2022

View all