Security
Headlines
HeadlinesLatestCVEs

Headline

Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access

Cybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster. The vulnerability, tracked as CVE-2022-35829, carries a CVSS severity rating of 6.2 and was addressed by Microsoft as part of its Patch Tuesday updates last week.

Orca

The Hacker News
#xss#vulnerability#microsoft#The Hacker News

Cybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster.

The vulnerability, tracked as CVE-2022-35829, carries a CVSS severity rating of 6.2 and was addressed by Microsoft as part of its Patch Tuesday updates last week.

Orca Security, which discovered and reported the flaw to the tech giant on August 11, 2022, dubbed the vulnerability FabriXss (pronounced “fabrics”). It impacts Azure Fabric Explorer version 8.1.316 and prior.

SFX is described by Microsoft as an open-source tool for inspecting and managing Azure Service Fabric clusters, a distributed systems platform that’s used to build and deploy microservices-based cloud applications.

The vulnerability is rooted in the fact that a user with permissions to “Create Compose Application” through the SFX client can leverage the privileges to create a rogue app and abuse a stored cross-site scripting (XSS) flaw in the “Application name” field to slip the payload.

Armed with this exploit, an adversary can send the specially crafted input during the application creation step, eventually leading to its execution.

“This includes performing a Cluster Node reset, which erases all customized settings such as passwords and security configurations, allowing an attacker to create new passwords and gain full Administrator permissions,” Orca Security researchers Lidor Ben Shitrit and Roee Sagi said.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related news

Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed "Super FabriXss" by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022. "The Super FabriXss vulnerability

Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk

Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web … Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk Read More »

Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk

Summary Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web client version (SFXv1).

CVE-2022-35829

Service Fabric Explorer Spoofing Vulnerability.