Low-Code Tools in Microsoft Azure Allowed Unprivileged Access
Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.
Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers' sensitive data after being called "grossly irresponsible" by Tenable's CEO. [...]
The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes.
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution
Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers. [...]