Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability by Internal Microsoft Azure Service

    AVID-2023-V010

    Vulnerability from avid – Published: 2023-03-31 – Updated: 2023-03-31 ATLAS Case Study
    Summary
    The Microsoft AI Red Team performed a red team exercise on an internal Azure service with the intention of disrupting its service. This operation had a combination of traditional ATT&CK enterprise techniques such as finding valid account, and exfiltrating data -- all interleaved with adversarial ML specific steps such as offline and online evasion examples.
    Risk domain
    Security
    SEP view
    S0100: Software Vulnerability, S0301: Information Leak, S0403: Adversarial Example
    Lifecycle
    L06: Deployment
    Organisations
    Affected artifacts
    Artifact Type
    Internal Microsoft Azure Service System
    References
    URL Label
    https://atlas.mitre.org/studies/AML.CS0010 Microsoft Azure Service Disruption

    {
      "affects": {
        "artifacts": [
          {
            "name": "Internal Microsoft Azure Service",
            "type": "System"
          }
        ],
        "deployer": [
          "Internal Microsoft Azure Service"
        ],
        "developer": []
      },
      "credit": null,
      "data_type": "AVID",
      "data_version": "0.2",
      "description": {
        "lang": "eng",
        "value": "The Microsoft AI Red Team performed a red team exercise on an internal Azure service with the intention of disrupting its service. This operation had a combination of traditional ATT\u0026CK enterprise techniques such as finding valid account, and exfiltrating data -- all interleaved with adversarial ML specific steps such as offline and online evasion examples."
      },
      "impact": {
        "avid": {
          "lifecycle_view": [
            "L06: Deployment"
          ],
          "risk_domain": [
            "Security"
          ],
          "sep_view": [
            "S0100: Software Vulnerability",
            "S0301: Information Leak",
            "S0403: Adversarial Example"
          ],
          "taxonomy_version": "0.2"
        }
      },
      "last_modified_date": "2023-03-31",
      "metadata": {
        "vuln_id": "AVID-2023-V010"
      },
      "problemtype": {
        "classof": "ATLAS Case Study",
        "description": {
          "lang": "eng",
          "value": "Microsoft Azure Service Disruption"
        },
        "type": "Advisory"
      },
      "published_date": "2023-03-31",
      "references": [
        {
          "label": "Microsoft Azure Service Disruption",
          "type": "source",
          "url": "https://atlas.mitre.org/studies/AML.CS0010"
        }
      ],
      "reports": null
    }