Advertisement
Top
image credit: Freepik

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

January 19, 2023

Via: Security Week
Category:

A web-based Git repository manager, Kudu is the engine behind several Azure App Service features, supporting the deployment and management of code in Azure. The service is used by Functions, App Service, Logic Apps, and other Azure services.

Administrators can manage Azure applications from the SCM panel, which uses Kudu and which requires Azure Active Directory (AAD) authentication. The SCM panel is deployed by default by the App Service, Function Apps, and Logic Apps Azure services.

Read More on Security Week

RELATED PUBLICATIONS

Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

Latest Publications

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
iPhone Users Are Being Targeted by MFA Bombs, Here’s What We Know
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!