I was able to access #Azure user credentials and run code on other customers’ machines.
The vulnerability is called #SynLapse.
It was a vulnerability in Azure Synapse Analytics (@Azure_Synapse) & Azure Data Factory, exploiting a major flaw in the tenant separation.
(1/3)
Through access to an internal API server I was able to:
- Obtain access to other customers’ Synapse workspaces
- Perform API operations like adding/deleting resources
- Run code on their service machines
- Most importantly: leak all credentials they stored in the service.
(2/3)
This blog is an advisory surrounding this issue, where the root attack vector was patched and assigned CVE-2022-29972.
>>> Technical details soon.
>>> Microsoft’s blog is in the comments.