CVE-2026-26118

Published: 10 Mar 2026
Source: msrc
CVSS3: 8.8
EPSS: Low

Description

Azure MCP Server Tools Elevation of Privilege Vulnerability

Server-side request forgery (SSRF) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.

FAQ

How could an attacker exploit this vulnerability?

An attacker could exploit this issue by sending specially crafted input to an Azure Model Context Protocol (MCP) Server tool that accepts user-provided parameters. If the attacker can interact with the MCP-backed agent, they can submit a malicious URL in place of a normal Azure resource identifier. The MCP Server then sends an outbound request to that URL and, in doing so, may include its managed identity token. This allows the attacker to capture that token without requiring administrative access.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

A successful attacker could obtain the permissions associated with the MCP Server's managed identity. This may allow the attacker to access or perform actions on any resources that the managed identity is authorized to reach. The attacker does not gain broader tenant-level or administrator permissions; only those tied to the compromised managed identity.
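The mitigation a defender would want for the flaw described above, as an added example that is not Azure MCP Server's own code: a tool that expects an Azure resource identifier checks the parameter's shape before building a request, and the managed identity token is attached only to an HTTPS request to an allowlisted API host. The host allowlist, the resource ID pattern and the function names are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist of API hosts the tool is meant to call. A real deployment
# would load this from configuration; the single entry here is an assumption.
ALLOWED_API_HOSTS = {"management.azure.com"}

# Shape of an ARM resource ID: a bare path under /subscriptions, never a scheme,
# host, query string or fragment. Anchored with fullmatch() below.
ARM_RESOURCE_ID = re.compile(
    r"/subscriptions/[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
    r"/resourceGroups/[A-Za-z0-9_.()-]+"
    r"(?:/providers/[A-Za-z][A-Za-z0-9.]*(?:/[A-Za-z0-9_.()-]+)+)?"
)


def is_arm_resource_id(value: str) -> bool:
    """Accept only a well-formed ARM resource path; a URL or anything else fails."""
    return ARM_RESOURCE_ID.fullmatch(value) is not None


def outbound_url(resource_id: str) -> str:
    """Build the request URL from a validated ID and a fixed, trusted API host.

    The caller-supplied parameter contributes only the path; it can never
    choose the destination host.
    """
    if not is_arm_resource_id(resource_id):
        raise ValueError("parameter is not an Azure resource ID")
    return "https://management.azure.com" + resource_id


def should_attach_token(url: str) -> bool:
    """Allow the managed identity token only on HTTPS to an allowlisted host.

    Rejects userinfo tricks (user@host@other), non-default ports and any host
    that merely starts with an allowlisted name.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or "@" in parts.netloc:
        return False
    if parts.port not in (None, 443):
        return False
    return parts.hostname in ALLOWED_API_HOSTS
```

A defence-in-depth check is to apply should_attach_token at the HTTP client layer as well, so that no tool can leak the token even if its own parameter validation is wrong.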

Updates

Product                                 Article    Update
Azure MCP Server Tools 2.0.0 (NuGet)
Azure MCP Server Tools 2.0.0 (npm)
Azure MCP Server Tools 2.0.0 (PyPi)
Azure MCP Server Tools 1.0.0 (NuGet)
Azure MCP Server Tools 1.0.0 (npm)


Exploitability

Publicly Disclosed

No

Exploited

No

Latest Software Release

Exploitation Less Likely

EPSS: 0.00071 (percentile 22%, Low)

CVSS3: 8.8 High

Related vulnerabilities

CVSS3: 8.8
nvd
16 days ago

Server-side request forgery (SSRF) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.

CVSS3: 8.8
github
16 days ago

Azure MCP Server has a Server-Side Request Forgery issue that allows an authorized attacker to elevate privileges over a network

CVSS3: 8.8
fstec
17 days ago

A vulnerability in the Azure MCP Server Tools service related to insufficient validation of server-side requests, allowing an attacker to elevate privileges
