A security researcher uncovered a critical vulnerability in the Microsoft Translator Hub that could essentially be utilized to erase any—or even all—of more than 13,000 projects that the service currently hosts.
The Translator Hub is a service that enables its users to assemble their own machine translation systems, tailor it for the specific needs of their organizations, and use it via the Microsoft Translator text API with Microsoft Document Translator, in applications and websites, and more.
The Hub lets corporations, language preservation communities, universities, and governments create translation systems between any pair of languages—even those that Microsoft Translator does not yet support—and reduce barriers in communication.
Haider Mahmood , a security researcher, found out that the HTTP request for removing a project actually housed the “projectid” parameter—a database project’s individual ID. Also, the request did not have any Cross-Site Request Forgery or CSRF protection, which meant that attackers could exploit that vulnerability and impersonate a logged-in user and then execute actions as if they were indeed that user.
In further analysis, an Indirect Object Reference vulnerability was also discovered. This could enable attackers to set the Project ID of their choosing in the HTTP project removal request and erase any project in the Microsoft Translator Hub. If they iterated through the projects IDs by beginning at 0 to 13000, a hacker could essentially erase every last project in the database.
The vulnerability was reported to Microsoft and the issue was addressed within two weeks of the finding. Microsoft also offered their acknowledgment of the researchers findings on the company’s Online Researcher Acknowledgement page.
Leave your comments on this article below.