Azure Jobs Run In Admin Mode
Description
Identifies Azure Batch pools where start tasks are configured to run with administrative (elevated) privileges. Running batch jobs with admin privileges poses a security risk as compromised jobs could gain unrestricted access to the system, violating the principle of least privilege.
Detection Strategy
• Examines each Azure Batch pool's start task configuration
• Checks if the start task's user_identity.auto_user.elevation_level is set to 'admin'
• Reports a vulnerability when batch jobs are configured to run with administrative privileges
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.