Four Azure services vulnerable to sever-ride request forgery

The vulnerable services include Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digitals, according to a blog post Tuesday by Orca Security. Among them, two vulnerabilities involving Azure Functions and Azure Digital Twins did not require authentication, meaning that an attacker could exploit them even without an Azure account.  

Related Keywords

United States , Canada , Lidor Ben Shitrit , Dror Zalman , Capital One , Identity Header For The App Service , Oracle Cloud Services , Microsoft , Microsoft Azure , Server Side Request Forgery , Azure Functions , Azure Machine Learning , Azure Digitals , Azure Digital Twins , Ben Shitrit , Azure Functions App , Microsoft Security , Identity Header , App Service ,