webhook-url: http://169.254.169.254/metadata/identity/oauth2/token

Executive Summary (Orca Security): In total we found four Azure services vulnerable to SSRF: Azure API Management, Azure Functions, Azure Machine...

Ensure that your application treats 169.254.169.254 as a protected internal IP. Do not forward responses from this endpoint to external users, as this would leak sensitive identity tokens.

If you see this string inside a configuration file or a variable named webhook-url, it usually implies one of two scenarios:

/metadata/identity/oauth2/token: this specific endpoint is used to request access tokens for Azure resources. If accessed with the correct headers (specifically Metadata: true), Azure returns a JSON response containing an access_token. An attacker who retrieves this token can use it to authenticate to Azure services (like Key Vault, Storage, or SQL) as that virtual machine.