"Microsoft Azure HDInsight Bugs Expose Big Data to Breaches"

Microsoft Azure's big-data analytics service, HDInsight, has three high-risk vulnerabilities. Orca Security has released new findings regarding one Denial-of-Service (DoS) vulnerability and two privilege escalation bugs affecting the service. These vulnerabilities invite performance issues, unauthorized administrative access, and all of the associated risks. Attackers could read, write, delete, and conduct any other management operations on an organization's sensitive data. One of the vulnerabilities stems from a lack of proper user input validation, which allows XML External Entity (XXE) injection attacks. This article continues to discuss the three new bugs in Azure HDInsight and why such vulnerabilities are significant. 

Dark Reading reports "Microsoft Azure HDInsight Bugs Expose Big Data to Breaches"

Submitted by grigby1