Security News > 2023 > November > Microsoft fixes critical Azure CLI flaw that leaked credentials in logs
Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud.
"Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions."
Microsoft says that customers who recently used Azure CLI commands were notified through the Azure Portal.
Avoid exposing Azure CLI output in logs and/or publicly accessible locations: If developing a script that requires the output value, filter out the property needed for the script.
Microsoft has implemented a new Azure CLI default configuration to bolster security measures, aiming to prevent accidental disclosure of sensitive information.
The new default will roll out to customers who have updated to the latest Azure CLI version, while prior versions are still vulnerable to exploitation.
News URL
Related news
- Critical hardcoded SolarWinds credential now exploited in the wild (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)
- Microsoft creates fake Azure tenants to pull phishers into honeypots (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- Microsoft warns Azure Virtual Desktop users of black screen issues (source)
- Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked (source)