As a software developer, it is your job to be aware of new vulnerabilities and fixes that are in store for the future. This particular vulnerability is currently being addressed by Microsoft’s Azure App Service team. Customers don’t need to panic since this was an isolated incident and no personal data has been compromised.,
The “kudu vulnerability” is a recent security flaw that has been discovered in the Azure App Service. This vulnerability allows attackers to steal customer source code from the Azure App Service.
Alexandru Poloboc is an author.
Editor of the News
Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overriding drive to always get to the bottom of things and find the truth… Continue reading
Customers’ PHP, Node, Python, Ruby, or Java source code was recently exposed due to a security issue discovered in the Azure App Service, a Microsoft-managed platform for creating and hosting web applications.
Even more concerning is the fact that this has been going on for at least four years, starting in 2017.
This problem also affected Azure App Service Linux clients, although it had no effect on IIS-based apps deployed by Azure App Service Windows customers.
Microsoft was informed about a potentially deadly problem by security experts.
Small groups of consumers are still possibly vulnerable, according to Wiz security experts, and they need take certain user steps to secure their apps.
Details concerning this approach may be found in many Microsoft email notifications sent out between December 7 and 15, 2021.
By launching their own vulnerable app, the researchers tested their idea that the unsafe default behavior in Azure App Service Linux was likely abused in the wild.
They also witnessed the first efforts by threat actors to access the contents of the exposed source code folder after just four days.
Even while this might indicate that attackers are already aware of the NotLegit weakness and are looking for exposed Azure App Service applications’ source code, these scans could equally be explained as normal.git folder checks.
After discovering public.git folders, malicious third parties have gotten access to material belonging to high-profile companies, so it’s not really a matter of if, but rather when.
All PHP, Node, Python, Ruby, and Java Azure App Service apps written to provide static content if deployed using Local Git on a clean default application in Azure App Service beginning in 2013 are impacted.
Or, if you’ve been utilizing any Git source in Azure App Service since 2013, when a file was created or edited in the app container.
After allowing in-place deployment or uploading the.git folder to the content directory, Microsoft accepted the information and the Azure App Service team, working with MSRC, have already issued a remedy aimed to cover most affected customers and informed all customers remaining exposed.
As outlined in multiple email advisories Microsoft provided between the 7th and 15th of December 2021, certain groups of customers are still possibly vulnerable and should take particular user steps to secure their apps.
The Redmond-based tech behemoth patched the problem by modifying PHP images to prevent the.git folder from being served as static content.
A new section on appropriately safeguarding applications’ source code and in-place deployments has been added to the Azure App Service docs.
A disclosure chronology may be found in Microsoft’s blog post if you wish to learn more about the NotLegit security issue.
What are your thoughts on the situation? Please let us know what you think in the comments area below.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.
Watch This Video-
The “cosmosdb exploit” is a vulnerability in the Azure App Service that has been present for quite some time. The vulnerability exposes customer source code.
- azure vulnerability scanning
- azure vulnerabilities
- microsoft notifies customers azure that exposed
- cosmos data breach