Note on Microsoft Azure SSRF Mitigations (Orca Security). In 2020, Microsoft implemented several measures to mitigate the impact of SSRF attacks o...
When a legitimate application on a cloud VM needs permission to talk to a database or storage bucket, it asks 169.254.169.254 for a token. The cloud platform then cryptographically signs a token saying, "This server is allowed to do X."
On Azure, the application asks the Azure fabric for a token representing the server's identity. If successful, the server receives a JSON Web Token (JWT).

Token Exfiltration
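The token flow described above is what an SSRF bug turns against the server: if a user-supplied URL can be pointed at 169.254.169.254, the application fetches a token on the attacker's behalf. The guard below is an added example, not code from this page or from Orca Security. It assumes a Python service that fetches user-supplied URLs and shows a destination check that refuses link-local, loopback and private targets before any request is made; the `check_url`, `is_blocked_address` and `resolve_all` names, the injectable `resolver` parameter and the constructed DNS answers are the example's own.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Destination ranges an application should never reach through a user-supplied URL.
# 169.254.0.0/16 covers the instance metadata service at 169.254.169.254, which
# hands out Managed Identity tokens to anything on the VM that can reach it.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("169.254.0.0/16"),  # link-local, includes the metadata service
    ipaddress.ip_network("127.0.0.0/8"),     # loopback
    ipaddress.ip_network("10.0.0.0/8"),      # RFC 1918 private ranges
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("0.0.0.0/8"),       # "this network"
    ipaddress.ip_network("::1/128"),         # IPv6 loopback
    ipaddress.ip_network("fe80::/10"),       # IPv6 link-local
    ipaddress.ip_network("fc00::/7"),        # IPv6 unique local
]


def _canonical(ip):
    """Unwrap an IPv4-mapped IPv6 address (::ffff:169.254.169.254) so it is checked as IPv4."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def is_blocked_address(addr: str) -> bool:
    """True if the literal address falls inside any blocked range."""
    ip = _canonical(ipaddress.ip_address(addr))
    return any(ip in net for net in BLOCKED_NETWORKS)


def resolve_all(host: str) -> list[str]:
    """Every address a name resolves to; all answers must pass, since an
    attacker-controlled name may mix a public address with a link-local one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_url(url: str, resolver=resolve_all) -> tuple[bool, str]:
    """Return (allowed, reason) for a user-supplied URL.

    `resolver` is injectable (hypothetical parameter) so the check can be
    exercised offline with constructed DNS answers instead of live lookups."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False, f"scheme {parsed.scheme!r} not allowed"
    host = parsed.hostname  # brackets stripped and lowercased by urlparse
    if not host:
        return False, "URL has no host"
    try:
        ipaddress.ip_address(host)
        addrs = [host]  # literal IP address, no DNS lookup needed
    except ValueError:
        try:
            addrs = resolver(host)
        except OSError as exc:  # socket.gaierror is a subclass of OSError
            return False, f"cannot resolve {host!r}: {exc}"
    for addr in addrs:
        if is_blocked_address(addr):
            return False, f"{host!r} resolves to blocked address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed inputs: a direct metadata request, a bracketed IPv4-mapped form,
    # and a name whose constructed DNS answer includes the metadata address.
    for candidate in (
        "http://169.254.169.254/metadata/instance?api-version=2021-02-01",
        "http://[::ffff:169.254.169.254]/",
        "https://example.test/",
    ):
        print(candidate, check_url(candidate, resolver=lambda h: ["203.0.113.10", "169.254.169.254"]))
```

The check only covers the application layer and has a time-of-check gap: a name can answer with a public address when checked and a link-local one when the HTTP client connects. Connecting to the address that passed the check, rather than re-resolving the name, closes that gap; network-level restrictions on who may reach the metadata endpoint remain a separate layer.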
| Severity | High/Critical |
| :--- | :--- |
| Confidentiality | High Risk. Exposure of cloud credentials (Managed Identity tokens). |
| Integrity | Medium Risk. Stolen credentials could allow modification of cloud resources. |
| Availability | Low Risk. Potential for resource deletion using stolen credentials. |