Unauthenticated SSRF Vulnerability on Azure Digital Twins Explorer
In this blog we describe how we uncovered an SSRF Vulnerability in the Azure DigitalTwins Explorer service, allowing any unauthenticated...
In this blog we describe how we uncovered an SSRF Vulnerability in the Azure DigitalTwins Explorer service, allowing any unauthenticated...
In this blog we describe how we uncovered an SSRF Vulnerability in Azure Functions allowing any unauthenticated user to request...
In this blog we describe how we uncovered an important Server-Side Request Forgery (SSRF) Vulnerability on Azure API Management Service,...
In this blog we describe how we uncovered an SSRF Vulnerability in the Azure Machine Learning service, allowing any authenticated...
It’s been a busy year in cloud security. We’ve seen data breaches, tens of thousands of new vulnerabilities, and an...
The Orca Research Pod has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from...
The Orca Research Pod has discovered FabriXss, a vulnerability in Azure Service Fabric Explorer
Orca Security has released the 2022 State of the Public Cloud Security report, which provides crucial insights into the current...
The story of a simple race condition leading to a local privilege escalation vulnerability in Azure Synapse Analytics