Monday, February 8, 2021

Azure Functions Elevation of Privilege Vulnerability

 Executive Summary 

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.


An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.


This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.


 Update & Detail Azure Functions Elevation of Privilege Vulnerability 
 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated