Azure Data Factory Bugs Expose Cloud Infrastructure

Three flaws discovered in the way Microsoft's Azure-based data integration service leverages an open source workflow orchestration platform could have allowed an attacker to achieve administrative control over companies’ Azure cloud infrastructures, exposing enterprises to data exfiltration, malware deployment, and unauthorized data access.

Researchers at Palo Alto Networks’ Unit 42 discovered the vulnerabilities – two of which were misconfigurations and the third involved weak authentication – in Azure Data Factory's Apache Airflow integration.

Data Factory enables users to manage data pipelines when moving information between different sources, while Apache Airflow facilitates the scheduling and orchestration of complex workflows.

While Microsoft classified the flaws as low-severity vulnerabilities, Unit 42 researchers found that exploiting them successfully could allow an attacker to gain persistent access as a shadow administrator over the entire Airflow Azure Kubernetes Service (AKS) cluster, they revealed in a blog post published December 17.

Keep reading this article in Dark Reading