medium

Azure privilege escalation via Log Analytics role

Published Mon, Sep 13th, 2021

Platforms

Summary

Azure AD users could escalate their privileges using the Log Analytics Contributor role to reach the full Subscription Contributor role.

Affected Services

Log Analytics

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://www.netspi.com/blog/technical/cloud-penetration-testing/escalating-azure-privileges-with-the-log-analystics-contributor-role/

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Thu, Oct 15th, 2020

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Karl Fosaaen, NetSPI

More vulnerabilities...

medium

Org policies bypass

Allows an attacker with privileges in the account to share resources outside of the account even when an org policy restricts this, thus enabling them to backdoor their access.

Azurescape

Cross-account container escape

ChaosDB

Azure's Cosmos DB database service was vulnerable to remote account takeover. Any Azure user could gain full admin access to other customers' Cosmos DB instances without authorization. The vulnerab...

Nir Ohfeld, Sagi Tzadik, Wiz

Thu, Aug 26th, 2021

View all