Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus potentially execute remote code execution — even without authentication to a legitimate account, researchers have found.
Researchers from Orca Security identified four Azure services vulnerable to SSRF — Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, they revealed in a blog post published Jan. 17. Further, they were able to exploit the flaws in Azure Functions and Azure Digital Twins by sending requests in the server's name even without having to authenticate to an Azure account, they said.
An SSRF allows an attacker to abuse a server-side application by making requests to read or update internal resources as well as submit data to external sources. This can allow for a host of disruptive activity on the network, including for threat actors to launch various attacks.
This type of attack can be particularly dangerous in a cloud environment if attackers can use it to access the host’s Cloud Instance Metadata Service, or IMDS, "which exposes detailed information on instances — including host name, security group, MAC address, and user-data," explained Lidor Ben Shitrit, cloud security researcher at Orca Security, in the blog post. This allows attackers to retrieve tokens, move to another host, and even execute code, he added.
Built-In SSRF Mitigations
Fortunately in the case of the SSRF vulnerabilities discovered in Azure, the researchers could not exploit them to reach IMDS endpoints thanks to various SSRF mitigations — including setting specific requirements for accessing the IMDS endpoint and requiring an "Identity Header" for the App Service and Azure Functions — that Microsoft already has put in place on their cloud environment, they said.
"By implementing these measures, Microsoft has significantly reduced the potential damage of SSRF attacks on its Azure platform," Shitrit wrote.
However, the flaws still could have been exploited to perform other threat activity, he said. This includes scanning local ports and finding new services, endpoints, and files, thus "providing valuable information on possibly vulnerable servers and services to exploit for initial entry and the location of potential information to target," Shitrit wrote in the blog post.
"The biggest takeaway ... is that a cloud service, if not properly secured, could be exploited by malicious actors as a means to discover sensitive internal endpoints and other services," he tells Dark Reading. This can result in a significant cloud security breach, Shitrit says.
The researchers discovered the four flaws separately over a two month period between mid-October and mid-December, and disclosed each of them to Microsoft soon after they were discovered. In each case, the company responded quickly, taking between days or weeks to mitigate them individually. At this time, no further customer action is required, and researchers have seen no sign that the flaws were exploited in the wild, Shitrit said.
Full SSRF Potential
There are three types of SSRF flaws, the researchers said. Blind SSRF allow an attacker to manipulate a server to make requests but do not elicit a response from a server — making it difficult to determine the success of an attack. Semi-blind SSRF is similar in its ability to make server requests, but an attacker does receive some response from the server that allows for limited information-gathering on the target system.
The four Azure SSRF flaws identified by the researchers fall into the third category of SSRF, called non-blind or full SSRF — the most potent type of attack scenario for a threat actor, the researchers said.
This type of attack occurs when an attacker can manipulate a server to make requests and receive the full response from the server, allowing an attacker to gather more information about the target system to potentially launch further attacks, Shitrit said.
"To give you an idea of how exploitable these vulnerabilities are, non-blind SSRF flaws can be leveraged in many different ways — including SSRF via XXE, SSRF via SVG file, SSRF via proxy, SSRF via PDF rendering, SSRF via vulnerable query string in the URL — and many more," he wrote in the blog post.
Protection and Mitigation
No matter what type of SSRF vulnerability is present on a server, each must be treated seriously by organizations because any type can be used to gain unauthorized access to sensitive information or launch further attacks against a target, the researchers said.
"Therefore, it is important for organizations to properly secure their servers and networks to prevent these types of attacks," Shitrit wrote in the blog post.
Shitrit made two specific recommendations for security teams to mitigate risks from SSRF vulnerabilities. The first is to "never trust user input," he says, because it could be an attempt to commit SSRF, he said.
"In this case, I saw that the internal requests sent by the server could be manipulated by the user in order to reach the internal requests/endpoints so they could reach undesired locations," Shitrit tells Dark Reading.
The second mitigation is to set and define an allow list/whitelist of URLs that can join a server, he advises. This will ensure that if a user with nefarious intent is tapping an unauthenticated SSRF to manipulate a request, the endpoint will return a "not allowed" error, Shitrit says.