VDB

GCVE-110-CLOUD-2024-0035

GCVE-110-CLOUD-2024-0035
Advisory Published
Vulnetix · Advisory published June 3, 2024
Tenable Research discovered a vulnerability in Azure allowing attackers to bypass firewall rules based on Service Tags by forging requests from trusted services. It affects over 10 Azure services and enables access to internal/private Azure resources. Microsoft updated documentation to clarify Service Tags' security limitations.

Affected Products

VendorProductVersionsPlatforms
AzureApplication Insights, DevOps, Machine Learning, Logic Apps, Container Registry, Load Testing, API Management, Data Factory, Action Group, AI Video Indexer, Chaos Studio
AzureCloud Services

References

advisory
advisory

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›