CVE-2021-27075: Azure Virtual Machine Information Disclosure Vulnerability

Overview

Severity: Medium (CVSS 6.8)
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Category: Information Disclosure
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2021-Mar
Released: 2021-03-09
Last Updated: 2023-07-21
EPSS Score: 0.48% (percentile: 65.0%)

FAQ

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow a low privileged user to gain virtual machine credentials as well as credentials to extensions associated with the virtual machine.

What are some of the services affected by this vulnerability?

The following table lists some of the affected services, and the changes associated with the remedy for this vulnerability:

| Affected Product | Remedy | Action on customers |
|---|---|---|
| Azure Container Instance | The ability for containers to be able to talk to the metadata and wireserver endpoints was disabled as part of this release. The underlying platform now applies network ACLs to block the outgoing traffic to those services. | None |
| Azure Service Fabric | The ability to block container access to the metadata and wireserver endpoints has been made available in the calendar year 2022. The underlying platform allows applying network ACLs to block the outgoing traffic to those services. | Customers can disable access by setting the BlockAccessToWireServer feature flag to "True" in their Service Fabric cluster definition. |
| Azure Kubernetes Service | Containers not running in host network can no longer access wireserver since node image 2020.10.15. | Customers running image version below 2020.10.15 should update to this version or a later version. See the Security Updates table for the link to updating instructions. |
| Azure Container Registry | The ability for containers running on ACR Tasks to access wireserver was blocked as a part of this release. | None |
| Azure Spring Cloud | The ability for containers to be able to talk to the wireserver endpoints was disabled as part of this release. | None |
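
As an added example (not part of the advisory or any Microsoft tooling), the following Python checks AKS node pools against the 2020.10.15 node image threshold named in the FAQ above. It assumes the input is the JSON text produced by `az aks nodepool list -o json`, and that Linux images carry a trailing YYYY.MM.DD date in the `nodeImageVersion` field; the sample data is constructed.

```python
import json
import re

# Threshold from the advisory: AKS node image 2020.10.15 or later blocks
# wireserver access for containers that are not in the host network.
FIXED_IMAGE = (2020, 10, 15)

# Assumption: Linux node images end in a YYYY.MM.DD date, for example
# "AKSUbuntu-1804-2021.01.28". Other schemes (Windows) are not comparable.
_DATE_SUFFIX = re.compile(r"-(\d{4})\.(\d{2})\.(\d{2})$")


def classify(node_image_version):
    """Return 'ok', 'update' or 'unknown' for one nodeImageVersion string."""
    m = _DATE_SUFFIX.search(node_image_version or "")
    if not m:
        return "unknown"  # missing value or a non-date versioning scheme
    y, mo, d = (int(g) for g in m.groups())
    if not (1 <= mo <= 12 and 1 <= d <= 31):
        return "unknown"  # four-two-two digits that are not a plausible date
    return "ok" if (y, mo, d) >= FIXED_IMAGE else "update"


def audit(nodepools_json):
    """Map node pool name -> status from the node pool list JSON text."""
    return {p.get("name", "?"): classify(p.get("nodeImageVersion"))
            for p in json.loads(nodepools_json)}


# Constructed sample input (not real cluster output).
SAMPLE = json.dumps([
    {"name": "sys", "nodeImageVersion": "AKSUbuntu-1604-2020.09.30"},
    {"name": "apps", "nodeImageVersion": "AKSUbuntu-1804-2020.10.15"},
    {"name": "gpu", "nodeImageVersion": "AKSUbuntu-1804gen2-2021.03.01"},
    {"name": "win", "nodeImageVersion": "AKSWindows-2019-17763.1577.201111"},
    {"name": "old", "nodeImageVersion": None},
])

if __name__ == "__main__":
    for pool, status in audit(SAMPLE).items():
        print(f"{pool}: {status}")
```

A pool reported as `ok` only covers containers outside the host network, which is the scope the advisory gives for the AKS change; pools reported as `unknown` need a manual check.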

Affected Products (4)

Azure

  • Azure Service Fabric
  • Azure Spring Cloud
  • Azure Container Instance
  • Azure Kubernetes Service

Security Updates (1)

Acknowledgments

Paul Litvak of Intezer (https://www.intezer.com/), wtm (https://twitter.com/wtm_offensi) at Offensi (https://offensi.com)

Revision History

  • 2021-03-09: Information published.
  • 2023-07-21: Updated FAQ information. This is an informational change only.