Microsoft Azure Health Bot Server-Side Request Forgery (Data Connection Endpoints)

Tenable Research discovered a privilege escalation issue in the Azure Health Bot service that was reachable through a server-side request forgery (SSRF). The Data Connector utilities used within Azure Health Bot's Scenario Editor improperly handled redirect responses from user-supplied endpoints: an endpoint under the user's control could answer with a redirect into Azure's Instance Metadata Service (IMDS), and the service followed it. Through IMDS, the researchers obtained access tokens for the internal Microsoft subscription governing the resources of customers using the Health Bot service, which granted management access to those cross-tenant resources. MSRC has assigned this issue a severity rating of Critical - Elevation of Privilege.

Jimi Sebree

Tue, 08/13/2024 - 10:31