Microsoft has contradicted a Tenable report describing a high-severity vulnerability within Azure Service Tags that could be exploited to facilitate Azure service spoofing and firewall rule bypass, emphasizing service tags' purpose as routing mechanisms that should be used along with validation controls, according to BleepingComputer."Service tags are not a comprehensive way to secure traffic to a customer's origin and do not replace input validation to prevent vulnerabilities that may be associated with web request," said Microsoft.However, such an issue — which also affects Azure DevOps, Azure API Management, Azure Machine Learning, and seven other Azure services — was noted by Tenable researcher Liv Matan to be potentially leveraged by threat actors to compromise private data from Azure clients."When configuring Azure services' network rules, bear in mind that Service Tags are not a watertight way to secure traffic to your private service. By ensuring that strong network authentication is maintained, users can defend themselves with an additional and crucial layer of security," said Matan.
Cloud Security, Threat Management, Threat Intelligence
Microsoft disputes Azure Service Tags vulnerability
(Adobe Stock Images)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds