​Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers’ private data.

  • a lil bee 🐝@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    6 months ago

    That’s not really what they said though. They said that this is not intended as a security mechanism, which is debatable from their original docs. They are maintaining that this was always intended to be used for routing and not as a source for block/allow lists. Frankly, regardless of your opinion on whether Microsoft is misrepresenting their original docs, nobody should be using Service Tags as security. Microsoft is completely correct there.