Cloud Security, Vulnerability Management, Patch/Configuration Management

Azure HDInsight services impacted by new vulnerabilities

Microsoft Azure HDInsight's third-party Apache Hadoop, Kafka, and Spark services were affected by three security flaws that stem from the Apache Ambari and Oozie software and that Microsoft has already remediated in updates issued in October, The Hacker News reports. Attackers could leverage the high-severity Apache Oozie Workflow Scheduler XML External Entity (XXE) injection flaw and the Apache Ambari Java Database Connectivity (JDBC) injection flaw, tracked as CVE-2023-36149 and CVE-2023-38156 respectively, to facilitate privilege escalation, while the other Apache Oozie flaw, which does not yet have a CVE designation, could be exploited to trigger a regular expression denial-of-service (ReDoS) condition and cause system disruptions, according to an Orca report.

"The ReDoS vulnerability on Apache Oozie was caused by a lack of proper input validation and constraint enforcement, and allowed an attacker to request a large range of action IDs and cause an intensive loop operation, leading to a denial-of-service (DoS)," said researcher Lidor Ben Shitrit.
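The fix class the Orca quote points at, "proper input validation and constraint enforcement" on a range parameter, is easy to show in isolation. The following is an added illustration written for this page; it is not Apache Oozie's, Apache Ambari's, or Microsoft's code, and the request syntax ("start-end" or a comma-separated list), the parameter name, and the limits are assumptions. The point is that the size of the requested range is checked and capped before any loop over the IDs begins, so a single request cannot buy an unbounded amount of server work.

```python
"""Bounded validation of a hypothetical 'action IDs' request parameter.

Added example, not code from Apache Oozie or Microsoft. The formats
"100-250" and "7,9,12" and the constants below are assumptions.
"""
import re

# Anchored patterns with fixed repetition counts and a mandatory comma
# between list items: no ambiguous nested quantifiers, so the validator
# itself cannot be driven into catastrophic backtracking.
_RANGE_RE = re.compile(r"^(\d{1,9})-(\d{1,9})$")
_LIST_RE = re.compile(r"^\d{1,9}(,\d{1,9}){0,99}$")

MAX_SPAN = 1000        # assumed cap on IDs one request may cover
MAX_INPUT_LEN = 1024   # reject oversized parameters before parsing


class InvalidRangeError(ValueError):
    """Raised for syntactically or semantically unacceptable requests."""


def parse_action_ids(spec: str, max_span: int = MAX_SPAN) -> list[int]:
    """Return the requested action IDs or raise InvalidRangeError.

    Enforces, in order: bounded input length, strict syntax,
    start <= end, and a cap on the number of IDs. A caller that loops
    over the result therefore does at most max_span iterations.
    """
    if not isinstance(spec, str) or len(spec) > MAX_INPUT_LEN:
        raise InvalidRangeError("parameter missing or too long")
    spec = spec.strip()

    m = _RANGE_RE.match(spec)
    if m:
        start, end = int(m.group(1)), int(m.group(2))
        if start > end:
            raise InvalidRangeError("range start exceeds end")
        span = end - start + 1
        if span > max_span:
            raise InvalidRangeError(f"range of {span} ids exceeds limit {max_span}")
        return list(range(start, end + 1))

    if _LIST_RE.match(spec):
        ids = sorted({int(x) for x in spec.split(",")})  # de-duplicate
        if len(ids) > max_span:
            raise InvalidRangeError(f"{len(ids)} ids exceeds limit {max_span}")
        return ids

    raise InvalidRangeError("malformed action id specification")


def handle_request(spec: str) -> dict:
    """Simulated request handler: validate first, then do per-ID work."""
    try:
        ids = parse_action_ids(spec)
    except InvalidRangeError as exc:
        # Reject cheaply; nothing expensive has run yet.
        return {"status": 400, "error": str(exc)}
    # Work here is bounded by MAX_SPAN regardless of what the client asked.
    processed = [f"action-{i}" for i in ids]
    return {"status": 200, "count": len(processed)}


if __name__ == "__main__":
    for sample in ("100-110", "7,9,12,9", "0-999999999", "5-4", "abc"):
        print(sample, "->", handle_request(sample))
```

The ordering matters: the length check runs before the regular expressions, the regular expressions are anchored and bounded, and the arithmetic span check runs before any list is materialised, so each stage rejects bad input before the next, more expensive stage sees it.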
