CVE-2026-33833: Azure Machine Learning Notebook Spoofing Vulnerability

Overview

Severity: High (CVSS 8.2)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
Category: Spoofing
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2026-May
Released: 2026-05-12
EPSS Score: 0.05% (percentile: 14.8%)

Description

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.

FAQ

Q: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?

A: An attacker who successfully exploited this vulnerability could view sensitive information (Confidentiality) and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.

Q: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

A: Exploitation would require a user to open or view a maliciously crafted notebook so that the affected content is rendered.

Q: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

A: An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.

Q: How could an attacker exploit this vulnerability?

A: An attacker could create or import a specially crafted Azure ML notebook containing malicious styling content in a Markdown cell, which may be rendered when the notebook is viewed and could expose sensitive information displayed within the Azure ML web interface.
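
A triage check for the scenario in the last answer, added here as an example and not taken from the advisory or from Microsoft: it reads a notebook in the standard .ipynb (nbformat 4) JSON layout and reports Markdown cells whose source carries styling markup, so imported notebooks can be reviewed before anyone opens them. The pattern set is an assumption, since the advisory does not say which styling constructs are involved, and the sample notebook is constructed.

```python
import json
import re

# Heuristic patterns for styling markup in Markdown source. Assumed set: the
# advisory only says "styling content", so every common way to embed it is flagged.
STYLE_PATTERNS = {
    "style-element": re.compile(r"<\s*style\b", re.I),
    "style-attribute": re.compile(r"<[^>]*\sstyle\s*=", re.I),
    "stylesheet-link": re.compile(r"<\s*link\b[^>]*\brel\s*=\s*[\"']?stylesheet", re.I),
}


def cell_source(cell):
    """nbformat stores a cell's source as one string or as a list of lines."""
    src = cell.get("source", "")
    return "".join(src) if isinstance(src, list) else src


def scan_notebook(nb_json):
    """Return [(cell_index, pattern_name), ...] for Markdown cells with styling."""
    nb = json.loads(nb_json)
    findings = []
    for i, cell in enumerate(nb.get("cells", [])):
        # Only Markdown cells are rendered as markup; code cell source is skipped.
        if cell.get("cell_type") != "markdown":
            continue
        text = cell_source(cell)
        for name, pattern in STYLE_PATTERNS.items():
            if pattern.search(text):
                findings.append((i, name))
    return findings


# Constructed sample notebook: a plain Markdown cell, a code cell that merely
# contains the string "<style>", and two Markdown cells with styling markup.
SAMPLE = json.dumps({
    "nbformat": 4, "nbformat_minor": 5, "metadata": {},
    "cells": [
        {"cell_type": "markdown", "metadata": {}, "source": ["# Results\n", "Plain text."]},
        {"cell_type": "code", "metadata": {}, "source": "x = '<style>'",
         "outputs": [], "execution_count": None},
        {"cell_type": "markdown", "metadata": {}, "source": "<style>h1 { color: red }</style>"},
        {"cell_type": "markdown", "metadata": {}, "source": ["<div STYLE='display:none'>", "note</div>"]},
    ],
})

if __name__ == "__main__":
    for idx, kind in scan_notebook(SAMPLE):
        print(f"cell {idx}: {kind}")
```

A hit is a prompt for manual review, not proof of a crafted notebook: legitimate notebooks also style their Markdown, and styling text quoted inside a Markdown code fence will match as well.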

Affected Products (1)

Azure

  • Azure Machine Learning

Security Updates (1)

Acknowledgments

Jianyang Song

Revision History

  • 2026-05-12: Information published.