December 31, 2024
Severity
High
Analysis Summary
Cybersecurity researchers recently uncovered three vulnerabilities in Microsoft's Azure Data Factory Apache Airflow integration which, if exploited, could enable attackers to gain persistent access as shadow administrators over the entire Airflow Azure Kubernetes Service (AKS) cluster.

According to the researchers, although Microsoft classified these flaws as low severity, they pose a significant risk because they could allow attackers to conduct covert activities such as data exfiltration, malware deployment, and tampering with log data. The vulnerabilities involve misconfigured Kubernetes RBAC in the Airflow cluster, improper secret handling in Azure's internal Geneva service, and weak authentication for Geneva.
The attack scenario begins with the creation of a directed acyclic graph (DAG) file, which is uploaded to a private GitHub repository linked to the Airflow cluster. This DAG file could be modified to launch a reverse shell to an external server once it is imported. To gain access, the attacker needs write permissions for the storage account containing the DAG files, obtained either through a compromised service principal or shared access signature (SAS) token, or by breaking into a Git repository using leaked credentials. Although the reverse shell runs under minimal Airflow user permissions, further analysis uncovered a service account with cluster-admin permissions, which allowed the attacker to escalate their privileges.
Once the attacker gains access to the Airflow runner pod, they can download kubectl and control the entire AKS cluster. By deploying a privileged pod and breaking out onto the underlying node, the attacker could gain root access to the host virtual machine (VM), allowing them to move laterally within the cloud environment. This could lead to unauthorized access to Azure-managed internal resources such as Geneva, which provides write access to storage accounts and event hubs. In this situation, attackers could manipulate the Airflow environment, create new pods, modify service accounts, or send fake logs to Geneva without triggering any alarms.
This disclosure underscores the critical need for careful management of service permissions and monitoring of third-party services to prevent unauthorized access. Similarly, the report highlights the importance of properly configuring role-based access control (RBAC) to avoid privilege escalation scenarios.
This issue is further exemplified by another vulnerability discovered in Azure Key Vault, where users with the Key Vault Contributor role could bypass restrictions and gain unauthorized access to sensitive data. Microsoft has since updated its documentation to stress the need for stricter access control in key vaults under the Access Policy permission model, emphasizing the importance of secure configurations to prevent such threats.
Impact
- Data Exfiltration
- Privilege Escalation
- Gain Access
Affected Vendors
Microsoft
Remediation
- Ensure that Kubernetes role-based access control (RBAC) is properly configured in the Airflow cluster to restrict access to only authorized users and service accounts, especially with cluster-admin permissions.
- Strengthen the authentication mechanism for Geneva to prevent unauthorized access. Implement robust authentication policies to avoid weak authentication vulnerabilities.
- Properly handle and secure secrets in the Azure environment, particularly for Azure's internal Geneva service, to prevent unauthorized tampering or access.
- Enforce strict access control on storage accounts containing Directed Acyclic Graph (DAG) files. Use more secure methods of managing write permissions, such as restricting access to service principals or SAS tokens.
- Establish comprehensive monitoring for Airflow clusters, Kubernetes pods, and Azure resources to detect any suspicious activities such as unauthorized log modifications or creation of new pods and service accounts.
- Ensure that service accounts and users are granted only the minimum necessary permissions. Regularly audit permissions and roles to prevent excessive privileges, especially for sensitive resources.
- For Azure Key Vault, ensure that users with the Contributor role are not able to add themselves to access policies or gain unauthorized access to key vault data. Limit Contributor role access under the Access Policy permission model.
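As an added example (not part of this advisory, nor Microsoft's or the researchers' code), one way to audit the first and sixth remediation points: a Python check over parsed `kubectl get clusterrolebindings,rolebindings -A -o json` output that flags any ServiceAccount, or group covering service accounts, bound to cluster-admin. The binding names, namespaces and the `PRIVILEGED_CLUSTER_ROLES` set below are constructed assumptions for the sample, not values from the advisory.

```python
import json

# Constructed sample in the shape of `kubectl get clusterrolebindings,rolebindings -A -o json`.
# The first item models the misconfiguration the advisory describes: a service account in
# the Airflow namespace bound to cluster-admin. All names are made up for this example.
SAMPLE_BINDINGS = json.loads("""
{"items": [
 {"kind": "ClusterRoleBinding", "metadata": {"name": "airflow-runner-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "airflow-runner", "namespace": "airflow"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "platform-admins"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "platform-admins"}]},
 {"kind": "RoleBinding", "metadata": {"name": "all-sa-admin", "namespace": "airflow"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "system:serviceaccounts:airflow"}]},
 {"kind": "RoleBinding", "metadata": {"name": "airflow-pod-reader", "namespace": "airflow"},
  "roleRef": {"kind": "Role", "name": "pod-reader"},
  "subjects": [{"kind": "ServiceAccount", "name": "airflow-worker", "namespace": "airflow"}]}
]}""")

PRIVILEGED_CLUSTER_ROLES = {"cluster-admin"}  # add any custom wildcard roles your cluster defines

def _covers_service_accounts(subject):
    """True for a ServiceAccount subject, or a Group that every service account belongs to
    (system:serviceaccounts cluster-wide, system:serviceaccounts:<ns> for one namespace)."""
    if subject.get("kind") == "ServiceAccount":
        return True
    return subject.get("kind") == "Group" and subject.get("name", "").startswith("system:serviceaccounts")

def find_privileged_service_accounts(binding_list, privileged_roles=PRIVILEGED_CLUSTER_ROLES):
    """Report bindings that hand a privileged ClusterRole to workload identities.
    A RoleBinding to cluster-admin is still reported: it grants full control of its namespace."""
    findings = []
    for binding in binding_list.get("items", []):
        role_ref = binding.get("roleRef", {})
        if role_ref.get("kind") != "ClusterRole" or role_ref.get("name") not in privileged_roles:
            continue
        meta = binding.get("metadata", {})
        for subject in binding.get("subjects", []):
            if _covers_service_accounts(subject):
                findings.append({
                    "binding": meta.get("name"),
                    "scope": meta.get("namespace", "cluster-wide"),  # ClusterRoleBindings have no namespace
                    "subject": f"{subject['kind']}/{subject['name']}",
                    "role": role_ref["name"],
                })
    return findings

print(*find_privileged_service_accounts(SAMPLE_BINDINGS), sep="\n")
```

Human groups such as `platform-admins` are deliberately not reported; the check targets identities a compromised pod can use, which is the escalation path the advisory describes.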