Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data
August 14, 2024 at 11:16AM Tenable researchers identified vulnerabilities in Microsoft’s Azure Health Bot Service that could have been exploited by threat actors to access sensitive patient data. The vulnerabilities involved a data connection feature that allowed bots to interact with external sources, potentially leading to a server-side request forgery (SSRF) vulnerability. Microsoft released server-side … Read more