June 6, 2023

A new vulnerability dubbed AzureScape involving the Azure Container Instances, a cloud service that enables companies to deploy packaged applications in the cloud.

This issue allotted a malicious container to hijack different other containers that were held by different platform users enabling to execute commands in someone’s container. There is no proper indication that this Vulnerability gone wild.

Background on Azure Container Instances

Azure Container Instances (ACI) was the very first Container-as-a-Service (CaaS) that has been contributed by a major cloud provider. The ACI  generally has concerns regarding:-

  • Scaling
  • Request routing
  • Scheduling
  • Implementing a serverless experience for all kinds of containers

Kubernetes CVE-2018-1002102

The API-server infrequently stretches out to Kubelets, but, the CVE-2018-1002102 marks a security problem in how the API-server is acquainted with Kubelets and it has also accepted redirect, and by redirecting the API-server’s send requests to another node’s Kubelet, a malicious Kubelet can develop into a cluster.

The malicious Azure user can easily compromise the multitenant Kubernetes clusters that are hosting ACI and the cluster administrator. The threat actors could perform commands in other customer containers, as well as it can also exfiltrate codes and private images that are extended to the platform, or deploy crypto miners.

Securing ACI

There are some common areas to define configuration and codes for container groups and that includes the following things:-

  • Environment Variables
  • Secret Volumes
  • Azure file share
  • Consult these security best methods resources
  • Azure Container Instances Security Baseline
  • Azure Container Instances Security Considerations
  • Always keep urself updated regarding security-related notifications like this one by configuring Azure Service Health Alerts.

This kind of vulnerabilities is dangerous in nature, and it puts a huge impact on the users. Monitor your workspace for any uninvited threats and mitigate it as soon as possible.

Tags:

1 thought on “AzureScape Vulnerability

  1. Pingback: Patch Tuesday September 2021 – TheCyberThrone

Leave a Reply

Related Post

FabricScape – Impacts Azure Linux Workloads

FabricScape – Impacts Azure Linux Workloads

June 29, 2022
Microsoft Purview! Future of Risk and Governance

Microsoft Purview! Future of Risk and Governance

May 4, 2022

You may have missed

Google Fixes Third Chrome Zeroday

Google Fixes Third Chrome Zeroday

June 6, 2023
Moveit Attributed to Lace Tempest

Moveit Attributed to Lace Tempest

June 6, 2023
Byte Code Bites PYPI

Byte Code Bites PYPI

June 5, 2023
Enzo Biochem Suffers a Data Breach

Enzo Biochem Suffers a Data Breach

June 5, 2023
BlackSuit Ransomware Dissection

BlackSuit Ransomware Dissection

June 4, 2023
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – May, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – May, 2023

June 4, 2023
%d bloggers like this: