Researchers found new vulnerabilities in the Azure cloud environment.
Researcher analysis discovered two vulnerabilities in the Azure cloud environment, and these vulnerabilities are mainly affecting the Linux Servers. The vulnerabilities are Kudo lite Takeover/Eop and Lack of access check-in Kudu lite.
KuduLite is the engine behind git/hg deployments and various other Azure Web Sites features on Linux. Kudo provides web-ssh access for users without using a password. The SSH server used the hardcoded credentials "root: Docker" to access the application nodes with root privileges in Azure, for that reason allowing a hacker to control the SCM web server. It also allows adding pages and injecting malicious scripts on the user's web page.
The second vulnerability is detected in KuduLite API, and the application nod's sending a request to KudoApi without asking any security questions. This can allow a hacker to illegally access the application's nodes system.