Home > Cyber News > CVE-2023-23383: Dangerous Flaw in Azure SFX
CYBER NEWS

CVE-2023-23383: Dangerous Flaw in Azure SFX

by   |  Last Update:  |  0 Comments  

A vulnerability in Azure Service Fabric Explorer (SFX) was recently patched.

CVE-2023-23383: Discovery and Technical Overview

Security firm Orca discovered a serious security flaw in Azure Service Fabric Explorer that could be taken advantage of by sending a constructed URL to any Azure Service Fabric user. The vulnerability was caused by a vulnerable ‘Node Name’ parameter, which could be used to embed an iframe in the user’s environment.

CVE-2022-38023 CVE-2022-37966 CVE-2022-37967 CVE-2022-45141

This iframe then fetches remote files from a server that is managed by the attacker, resulting in the activation of a malicious PowerShell reverse shell. This attack sequence can eventually lead to remote code execution on the container that is deployed to the cluster, potentially allowing the attacker to gain control of vital systems.

The vulnerability, known as “Super FabriXss” (CVE-2023-23383 with a CVSS score of 8.2), is an upgrade of a previously patched FabriXss flaw – CVE-2022-35829, CVSS score 6.2.




According to Orca security researcher Lidor Ben Shitrit, this vulnerability allows attackers to execute code remotely on a Service Fabric node without the need for authentication. This is possible due to an XSS injection attack, in which malicious code is uploaded to a seemingly trusted website, and then executed each time a user visits.

While both FabriXss and Super FabriXss involve XSS, Super FabriXss has more serious implications as it can be weaponized to gain control of affected systems.

In March 2023, Orca Security discovered a dangerous Cross-Site Scripting (XSS) vulnerability, referred to as Super FabriXss (CVE-2023-23383), within Azure Service Fabric Explorer (SFX). This vulnerability enabled unauthenticated remote attackers to execute code on a container hosted on a Service Fabric node.

Once notified, Microsoft Security Response Center (MSRC) investigated the issue and assigned it CVE-2023-23383 (CVSS 8.2) with ‘Important’ severity. Microsoft released a fix and included it in their March 2023 Patch Tuesday, thus allowing users to protect themselves against this vulnerability.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. CVE-2021-38647: OMIGOD Flaws Could Allow Attackers to Target Azure Cloud Customers Four security vulnerabilities, recently addressed in Microsoft Windows Patch Tuesday...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. CVE-2022-29972 Azure Vulnerability Could Allow Remote Execution Attacks CVE-2022-29972 is a security vulnerability in Azure Synapse and Azure...
  4. SUSE and Microsoft Announce Enterprise Linux Kernel for Azure A new announcement has been made in regards of SUSE...
  5. January 2023 Patch Tuesday Fixes Actively Exploited CVE-2023-21674 The first Patch Tuesday fixes shipped by Microsoft for 2023...
  6. How to Check SFX Self-Extracting .exe Archives Online This article aims to show you how to protect yourself...
  7. Remove Super Mac Cleaner PUP This article will help you to remove Super Mac Cleaner...
  8. 6 Cybersecurity Tactics to Protect Against XSS Attacks Cross-site scripting (XSS) is nothing to take lightly. As simultaneously...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree