Azure Machine Learning に影響がある SSRF 脆弱性 の軽減について
Monday, June 17, 2024
本ブログは、Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning の抄訳版です。最新の情報は原文を参照してください。 概要 2024
Month Archives: June 2024
Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning
Monday, June 17, 2024
Summary On May 9, 2024, Microsoft successfully addressed multiple vulnerabilities within the Azure Machine Learning (AML) service, which were initially discovered by security research firms Wiz and Tenable. These vulnerabilities, which included Server-Side Request Forgeries (SSRF) and a path traversal vulnerability, posed potential risks for information exposure and service disruption via Denial-of-Service (DOS).
2024 年 6 月のセキュリティ更新プログラム (月例)
Tuesday, June 11, 2024
2024 年 6 月 11 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Azure ネットワーク サービス タグのガイダンスの改善
Wednesday, June 05, 2024
本ブログは、Improved Guidance for Azure Network Service Tags の抄訳版です。最新の情報は原文を参照してください。 概要 Microsoft Security Response
Improved Guidance for Azure Network Service Tags
Monday, June 03, 2024
Summary Microsoft Security Response Center (MSRC) was notified in January 2024 by our industry partner, Tenable Inc., about the potential for cross-tenant access to web resources using the service tags feature. Microsoft acknowledged that Tenable provided a valuable contribution to the Azure community by highlighting that it can be easily misunderstood how to use service tags and their intended purpose.