Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning

  • Thread starter Thread starter MSRC
  • Start date Start date
M

MSRC

Summary On May 9, 2024, Microsoft successfully addressed multiple vulnerabilities within the Azure Machine Learning (AML) service, which were initially discovered by security research firms Wiz and Tenable. These vulnerabilities, which included Server-Side Request Forgeries (SSRF) and a path traversal vulnerability, posed potential risks for information exposure and service disruption via Denial-of-Service (DOS).

Continue reading...
 
Back
Top