Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn’t need a fix, just better documentation
June 5, 2024 at 02:48AM A vulnerability in Microsoft’s Azure cloud allows potential access to other users’ private web resources. The issue stems from Service Tags, potentially allowing cross-tenant attacks. Despite Microsoft’s initial refusal to classify it as a vulnerability, it confirmed the flaw and offered a bug bounty. Subsequently, Microsoft decided to address the … Read more