Summary (give a brief description of the issue)
The Linux containers in Azure Function Apps utilize an encrypted startup context file hosted in Azure Storage Accounts. The Storage Account URL and the decryption key are stored in the container environment variables and are available to anyone with the ability to execute commands in the container. This startup context can be decrypted to expose sensitive data about the Function App, including the certificates for any attached Managed Identities, allowing an attacker to gain persistence as the Managed Identity. As of November 11, 2023, this issue has been fully addressed by Microsoft.
References (provide links to blogposts, etc.)
https://www.netspi.com/blog/technical/cloud-penetration-testing/mistaken-identity-azure-function-apps/