Unknown

Azure Machine Learning SSRF

Published Mon, Jun 17th, 2024

Platforms

Summary

Affected Services

Azure Machine Learning

Tracked CVEs

No tracked CVEs

References

https://msrc.microsoft.com/blog/2024/06/mitigating-ssrf-vulnerabilities-impacting-azure-machine-learning/https://www.tenable.com/security/research/tra-2024-22

Entry Status

Stub

Disclosure Date

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Tenable, Wiz

More vulnerabilities...

Internal Azure Container Registry writable via exposed secret

A Microsoft employee accidentally published credentials via a git commit to a public repository. These credentials granted privileged access to an internal Azure Container Registry (ACR) used by Az...

Yakir Kadkoda, Assaf Morag,...

Thu, May 16th, 2024

critical

Lethal Injection

Multiple vulnerabilities were uncovered in Azure Health Bot service, Microsoft's health chatbot platform. These could have potentially exposed sensitive user data and granted attackers extensive co...

Yanir Tsarimi, Breachproof

Tue, May 7th, 2024

medium

GraphNinja

A vulnerability in Microsoft Graph allowed attackers to conduct password-spray attacks without detection. The issue involved switching the 'common' authentication endpoint with that of an unrelated...

Nyx Geek, TrustedSec

Mon, Apr 29th, 2024

View all