Summary
Legit Security found an RCE vulnerability in Azure Pipelines that could have allowed an
attacker to gain complete control of variables and tasks by exploiting logging commands.
This would have enabled them to execute malicious code in a context of a pipeline workflow,
which would have granted them access to sensitive secrets such as cloud deployment keys,
move laterally in the organization, and potentially initiate supply chain attacks.
To exploit this vulnerability, an attacker would have needed permissions to create
a pull request or push a commit in a repo integrated with Pipelines.
Affected Services
Azure Pipelines, Azure DevOps Services, Azure DevOps Server
Remediation
None required
Tracked CVEs
CVE-2023-21553
References
Contributed by https://github.com/mer-b
Entry Status
Finalized
Disclosure Date
Mon, Sep 5th, 2022
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Nadav Noy, Legit Security
