Microsoft Azure API Management service was discovered to be impacted by three security flaws, including two server-side request forgery (SSRF) bugs and one file upload path traversal vulnerability in its developer portal, all of which have already been addressed by Microsoft, The Hacker News reports.
Threat actors could leverage the vulnerabilities to obtain sensitive data and back-end service access, according to an Ermetic report.
"By abusing the SSRF vulnerabilities, attackers could send requests from the service's CORS Proxy and the hosting proxy itself, access internal Azure assets, deny service, and bypass web application firewalls. With the file upload path traversal, attackers could upload malicious files to Azure's hosted internal workload," said Ermetic researcher Liv Matan.
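As an added illustration of the kind of destination check the quoted SSRF abuse calls for (example code written for this summary, not code from Ermetic, Microsoft or the Azure service), the function below decides whether a proxy may forward a request to a client-supplied URL. It refuses non-HTTP schemes, URLs carrying userinfo, IP literals and hostnames that resolve to loopback, private or link-local space (the 169.254.0.0/16 range that hosts cloud metadata endpoints included), and hostnames with any non-public answer. The allowed schemes, the hostnames and the DNS answers are constructed assumptions so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Schemes the proxy is willing to forward (assumption for this example).
ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS answers so the example runs offline; real code uses system_resolver.
FAKE_DNS = {
    "api.example.com": ["93.184.216.34"],
    "rebind.example.com": ["93.184.216.34", "10.0.0.5"],  # one internal answer poisons the set
}


def is_public_address(ip: str) -> bool:
    """True only for a globally routable unicast address."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    # ::ffff:10.0.0.1 is an IPv4 address in disguise; judge the embedded IPv4.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (
        addr.is_private         # RFC 1918, fc00::/7, documentation ranges, ...
        or addr.is_loopback     # 127.0.0.0/8, ::1
        or addr.is_link_local   # 169.254.0.0/16 (cloud metadata endpoints), fe80::/10
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified  # 0.0.0.0, ::
    )


def system_resolver(hostname: str) -> list:
    """Every A/AAAA answer the system resolver returns for hostname."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def fake_resolver(hostname: str) -> list:
    """Offline stand-in for system_resolver, backed by the constructed FAKE_DNS table."""
    return FAKE_DNS.get(hostname.lower(), [])


def is_safe_proxy_target(url: str, resolver=system_resolver) -> bool:
    """Decide whether a proxy may forward a request to url.

    Rejects non-HTTP schemes, URLs carrying userinfo (a classic parser-confusion
    trick), hosts that resolve to any non-public address, and unresolvable hosts.
    """
    try:
        parsed = urlparse(url)
    except ValueError:  # e.g. an unbalanced IPv6 bracket
        return False
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    if not parsed.hostname or parsed.username is not None or parsed.password is not None:
        return False
    host = parsed.hostname
    try:
        ipaddress.ip_address(host)
        addresses = [host]  # IP literal: judge it directly, no lookup
    except ValueError:
        try:
            addresses = resolver(host)
        except OSError:  # socket.gaierror is a subclass
            return False
    # Every answer must be public; a single internal record is enough to refuse.
    return bool(addresses) and all(is_public_address(a) for a in addresses)
```

Two caveats for anyone reusing this pattern: checking the name before connecting leaves a DNS rebinding window, so the HTTP client should connect to the address that was validated (or re-validate at connect time), and every redirect the upstream returns has to go through the same check before it is followed.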
The report also noted that one of the SSRF flaws bypassed a fix Microsoft had released earlier this year for a previously identified vulnerability, while the path traversal bug stemmed from inadequate validation of both the file type and the path of uploaded files.
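To make the root cause above concrete, here is an added example (written for this summary, not code from Ermetic, Microsoft or the developer portal) of an upload handler that trusts the client-supplied filename, next to a hardened version that reduces the name to its final component, checks the extension against an allowlist, requires the file's leading bytes to match that type, and confirms the final path still sits under the upload root. The upload directory, the allowed types and the sample file contents are constructed assumptions.

```python
import posixpath

UPLOAD_ROOT = "/srv/portal/uploads"  # assumed upload directory, not taken from the report

# Allowed extension -> magic bytes the content must start with (constructed allowlist).
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}

# Constructed sample contents for the examples below.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 12
SAMPLE_EXE = b"MZ\x90\x00" + b"\x00" * 12


def vulnerable_upload_path(filename: str) -> str:
    """The insecure pattern: join the client-supplied name straight under the root.

    '../../../app/hook.sh' normalises to a path outside UPLOAD_ROOT, and nothing
    checks what kind of file is being written there.
    """
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, filename))


def safe_upload_path(filename: str, content: bytes) -> str:
    """Return the path to store the upload at, or raise ValueError."""
    # 1. Keep only the final path component; treat backslashes as separators too.
    name = posixpath.basename(filename.replace("\\", "/"))
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError("invalid filename")
    # 2. Extension allowlist on the last suffix, so 'shell.png.aspx' is judged by '.aspx'.
    ext = posixpath.splitext(name)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise ValueError(f"file type not allowed: {ext!r}")
    # 3. The content must look like the declared type, not just be named like it.
    if not any(content.startswith(sig) for sig in ALLOWED_TYPES[ext]):
        raise ValueError("content does not match extension")
    # 4. Defense in depth: the resolved path must still be inside the root.
    target = posixpath.normpath(posixpath.join(UPLOAD_ROOT, name))
    if posixpath.commonpath([UPLOAD_ROOT, target]) != UPLOAD_ROOT:
        raise ValueError("path escapes upload root")
    return target


def check_upload(filename: str, content: bytes):
    """Convenience wrapper: the stored path, or None when the upload is rejected."""
    try:
        return safe_upload_path(filename, content)
    except ValueError:
        return None
```

Decode any percent-encoding exactly once before this check runs, and never after it. The stronger design is to ignore the client's name altogether: generate a random server-side name, keep the original only as metadata, and serve the upload directory from a location the application server will not execute.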
Details regarding the flaws were published weeks after Microsoft Azure was noted to have a "by-design flaw" that could be exploited to enable storage account access, remote code execution, and lateral movement.