
Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover
2021-08-27 16:49

A critical security vulnerability in Microsoft's Azure cloud database platform, Cosmos DB, could have allowed full remote takeover of customer accounts, giving an attacker admin rights to read, modify and delete any data in a database instance.

"Azure Cosmos DB built-in Jupyter Notebooks are directly integrated into the Azure portal and your Azure Cosmos DB accounts, making them convenient and easy to use," according to Microsoft's documentation.

Wiz researchers found that by querying information about a target Cosmos DB Jupyter Notebook, it was possible to obtain credentials not just for another user's Jupyter Notebook compute instance and Jupyter Notebook storage account, but for the Cosmos DB account itself, including the account's primary read-write key: the master credential that authenticates requests to the account and grants full administrative access to its data.

"Using these credentials, it is possible to view, modify and delete data in the target Cosmos DB account via multiple channels," according to Wiz.

The computing giant also noted that Azure Cosmos DB accounts restricted to a virtual network (vNET) or with the firewall enabled are protected by additional network-level controls: a stolen key alone is not enough to reach such an account from outside the allowed networks.

Wiz researchers, who earned a $40,000 bug bounty for finding the issue, added that all users should review all past activity in their Cosmos DB accounts.
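Two concrete checks follow from the last two paragraphs: is an account relying on its primary key alone, with no vNET or firewall restriction, and did any master-key request reach it from an address you do not recognise? The script below is an added example written for this article, not code from Wiz, Microsoft or Threatpost. It assumes the account JSON has the shape that `az cosmosdb show` returns (field names from the ARM DatabaseAccount resource: `publicNetworkAccess`, `isVirtualNetworkFilterEnabled`, `ipRules`, `virtualNetworkRules`), and it uses its own constructed request records; the record field names (`clientIp`, `keyType`) and the key-type values are this example's assumptions that you would map from your own diagnostic-log export.

```python
"""Exposure and activity review for a Cosmos DB account (added example)."""
import ipaddress
import json

# --- Constructed sample inputs (not real accounts or logs) -------------------
# Shape assumed to follow `az cosmosdb show` output; verify against your CLI.
OPEN_ACCOUNT = json.dumps({
    "name": "contoso-cosmos-dev",
    "publicNetworkAccess": "Enabled",
    "isVirtualNetworkFilterEnabled": False,
    "ipRules": [],
    "virtualNetworkRules": [],
})

RESTRICTED_ACCOUNT = json.dumps({
    "name": "contoso-cosmos-prod",
    "publicNetworkAccess": "Enabled",
    "isVirtualNetworkFilterEnabled": True,
    "ipRules": [{"ipAddressOrRange": "203.0.113.0/24"}],
    "virtualNetworkRules": [{"id": "/subscriptions/.../subnets/app"}],
})

# Constructed data-plane request records. Field names and keyType values are
# this example's own convention (assumption), mapped from a log export.
REQUESTS = [
    {"time": "2021-08-10T09:12:00Z", "clientIp": "203.0.113.17",
     "keyType": "PrimaryMasterKey", "op": "Read"},
    {"time": "2021-08-11T03:41:00Z", "clientIp": "198.51.100.9",
     "keyType": "PrimaryMasterKey", "op": "Delete"},
    {"time": "2021-08-11T03:42:00Z", "clientIp": "198.51.100.9",
     "keyType": "ResourceToken", "op": "Read"},
    {"time": "2021-08-12T14:05:00Z", "clientIp": "203.0.113.200",
     "keyType": "PrimaryReadonlyMasterKey", "op": "Query"},
]

# Account-level keys: any of these grants access without a scoped permission.
MASTER_KEYS = {"PrimaryMasterKey", "SecondaryMasterKey",
               "PrimaryReadonlyMasterKey", "SecondaryReadonlyMasterKey"}


def network_exposure(account_json: str) -> dict:
    """Report whether an account is reachable from any network with just a key.

    An account counts as exposed when public access is on and it has neither
    virtual-network rules nor IP firewall rules: exactly the accounts the
    disclosure says the stolen primary key was enough to take over.
    """
    acct = json.loads(account_json)
    name = acct.get("name", "<unnamed>")
    if acct.get("publicNetworkAccess", "Enabled") != "Enabled":
        return {"name": name, "exposed": False,
                "reasons": ["public network access disabled"],
                "allowed_ranges": []}
    has_vnet = bool(acct.get("isVirtualNetworkFilterEnabled")) and \
        bool(acct.get("virtualNetworkRules"))
    ip_rules = [r["ipAddressOrRange"] for r in acct.get("ipRules", [])]
    reasons = []
    if not has_vnet:
        reasons.append("no virtual network rules")
    if not ip_rules:
        reasons.append("no IP firewall rules")
    return {"name": name, "exposed": not has_vnet and not ip_rules,
            "reasons": reasons, "allowed_ranges": ip_rules}


def untrusted_key_requests(records: list, trusted_ranges: list) -> list:
    """Return master-key requests whose client IP is outside trusted_ranges.

    trusted_ranges are CIDRs or single addresses (the account's own ipRules,
    or the egress ranges you know your workloads use). Requests authenticated
    with a scoped resource token are not account takeovers and are skipped.
    """
    nets = [ipaddress.ip_network(r, strict=False) for r in trusted_ranges]
    flagged = []
    for rec in records:
        if rec["keyType"] not in MASTER_KEYS:
            continue
        ip = ipaddress.ip_address(rec["clientIp"])
        if not any(ip in net for net in nets):
            flagged.append(rec)
    return flagged


if __name__ == "__main__":
    for acct in (OPEN_ACCOUNT, RESTRICTED_ACCOUNT):
        print(network_exposure(acct))
    # The open account has no ipRules to compare against, so the operator
    # supplies the ranges they expect traffic from (constructed here).
    trusted_egress = ["203.0.113.0/24"]
    for rec in untrusted_key_requests(REQUESTS, trusted_egress):
        print("review:", rec["time"], rec["clientIp"], rec["op"])
```

For a restricted account the firewall already drops requests from outside `ipRules`, so the review mainly matters for accounts the first function reports as exposed; for those, the trusted ranges have to come from your own knowledge of where the application runs, and anything the second function returns is a request made with the account's master key from somewhere you did not expect.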


News URL

https://threatpost.com/azure-cosmos-db-bug-cloud/168986/