- Orca Research Pod has found and reported server-side request forgery (SSRF) vulnerabilities in four different Azure services.
- After discovering the vulnerabilities, Orca Security reported them to Microsoft immediately, and Microsoft fixed them promptly.
- Server-side request forgery (SSRF) is a type of security vulnerability in which an attacker abuses a server's functionality to make the server send requests on the attacker's behalf.
Orca Research Pod, a platform where Orca Security experts examine cloud risks and vulnerabilities, has found server-side request forgery (SSRF) vulnerabilities in four different Azure services: Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins. Server-side request forgery is a web application attack in which the attacker induces a vulnerable web application to send attacker-chosen requests from the server itself.
Details of the vulnerabilities
Orca Research Pod reached out to the Microsoft Security Response Center (MSRC) after discovering the vulnerabilities, and the issues were fixed promptly.
- In total there were four Azure services vulnerable to SSRF: Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins.
- Orca managed to exploit two of the vulnerabilities (Azure Functions and Azure Digital Twins) without any authentication to the service, allowing them to send requests in the server's name without even having an Azure account.
- The Azure SSRF vulnerabilities allowed an attacker to scan local ports and find new services, endpoints, and files.
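The mitigation side of the SSRF class described above (the definition in the opening paragraph and the local port scanning noted in the last bullet) comes down to validating every server-side fetch before it is made. The following is an added example, not code from Orca Security or Microsoft: it checks a user-supplied URL against an assumed allow-list of schemes and ports, resolves the host once, and refuses any destination that maps to loopback, private, or link-local space (where cloud metadata services live). The blocked ranges, the `SAMPLE_DNS` table and the `*.example` hostnames are constructed for the demonstration.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Destination ranges a server-side fetcher must never reach: loopback, RFC 1918,
# link-local (where cloud instance-metadata services such as 169.254.169.254 sit)
# and the IPv6 equivalents. Assumed policy, not taken from Microsoft or Orca.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}   # a fixed port set keeps the fetcher from probing local ports

def is_blocked_address(ip: str) -> bool:
    """True if ip lies in a blocked range; IPv4-mapped IPv6 is unwrapped first."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped               # ::ffff:127.0.0.1 is still loopback
    return any(addr in net for net in BLOCKED_NETWORKS)

def check_outbound_url(url: str, resolver=socket.getaddrinfo) -> tuple[bool, str]:
    """Return (True, pinned_ip) when the fetch is allowed, else (False, reason). The caller
    connects to pinned_ip (Host header = hostname) rather than resolving a second time."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not parts.hostname or parts.username or parts.password:
        return False, "host missing or credentials embedded in URL"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "malformed port"
    if port not in ALLOWED_PORTS:
        return False, "port not allowed"
    try:
        infos = resolver(parts.hostname, port, proto=socket.IPPROTO_TCP)
    except (socket.gaierror, KeyError):
        return False, "host does not resolve"
    ips = sorted({info[4][0] for info in infos})
    # every record must be public: a name mixing public and internal answers is refused
    if not ips or any(is_blocked_address(ip) for ip in ips):
        return False, "destination resolves to an internal address"
    return True, ips[0]

# Constructed, offline stand-in for DNS so the check runs without network access.
SAMPLE_DNS = {"docs.example": ["203.0.113.10"], "metadata.example": ["169.254.169.254"],
              "mixed.example": ["203.0.113.11", "127.0.0.1"], "v6loop.example": ["::ffff:127.0.0.1"]}

def sample_resolver(host, port, proto=0):
    """Mimics the shape of socket.getaddrinfo() results using the constructed table."""
    return [(socket.AF_INET6 if ":" in ip else socket.AF_INET, socket.SOCK_STREAM,
             proto, "", (ip, port)) for ip in SAMPLE_DNS[host]]
```

In production the caller passes the real `socket.getaddrinfo` and connects to the returned pinned IP, so the address that was checked is the address that is used.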
Below are the overview and timeline of the vulnerabilities:
