cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Hi All

 

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.

Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.

"An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network," Microsoft said in an advisory released on August 6, 2024.

 

The tech giant further said the vulnerability has been addressed and that it requires no customer action

 

https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html

 

https://www.darkreading.com/remote-workforce/microsoft-copilot-studio-exploit-leaks-sensitive-cloud-...

 

 

Regards

 

Caute_Cautim

 

 

 

 

0 Replies