Lucene search

K

Microsoft Security Response CenterMSRC:A7F2A02AB0A385936536F555B2BC9240

HistoryJun 17, 2024 - 7:00 a.m.

Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning

2024-06-1707:00:00

Microsoft Security Response Center

msrc.microsoft.com

5

azure machine learning

ssrf

vulnerabilities

information exposure

dos

security

microsoft

wiz

tenable

7.4 High

AI Score

Confidence

Low

Summary On May 9, 2024, Microsoft successfully addressed multiple vulnerabilities within the Azure Machine Learning (AML) service, which were initially discovered by security research firms Wiz and Tenable. These vulnerabilities, which included Server-Side Request Forgeries (SSRF) and a path traversal vulnerability, posed potential risks for information exposure and service disruption via Denial-of-Service (DOS).

7.4 High

AI Score

Confidence

Low