漏洞描述
Ensure that Infrastructure Encryption feature is enabled for your Azure Storage accounts in order to use encryption at the hardware level on top of the default software encryption provided by Microsoft Azure cloud.
azure-storage-encryption-missing: Azure Storage Infrastructure Encryption Not Enabled
PoC代码[已公开]
id: azure-storage-encryption-missing
info:
name: Azure Storage Infrastructure Encryption Not Enabled
author: princechaddha
severity: high
description: |
Ensure that Infrastructure Encryption feature is enabled for your Azure Storage accounts in order to use encryption at the hardware level on top of the default software encryption provided by Microsoft Azure cloud.
impact: |
Without Infrastructure Encryption, your data may be exposed to higher risks, as it lacks the additional hardware level security layer which complements the default software-based encryption.
remediation: |
Enable Infrastructure Encryption on your Azure Storage accounts to ensure data is encrypted at both software and hardware levels, enhancing the security posture.
reference:
- https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
tags: cloud,devops,azure,microsoft,azure-storage,azure-cloud-config
flow: |
code(1);
for (let StorageData of iterate(template.storageList)) {
set("name", StorageData);
code(2);
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
az storage account list --query '[*].name'
extractors:
- type: json
name: storageList
internal: true
json:
- '.[]'
- engine:
- sh
- bash
source: |
az storage account show --name "$name" --query '{"requireInfrastructureEncryption":encryption.requireInfrastructureEncryption}'
matchers-condition: and
matchers:
- type: word
words:
- '"requireInfrastructureEncryption": null'
extractors:
- type: dsl
dsl:
- 'name + " does not have Infrastructure Encryption enabled"'
# digest: 4a0a00473045022058e83abcaee7c75c16e574bce46a0e0f3517d6c37faca718c588f621ff9d5af6022100a1cf12fcb22c57549b477b80a782d54d135c0e2c3ff40c91ed8a5c4ebc6bea65:922c64590222798bb761d5b6d8e72950