Microsoft warns Azure customers of critical Cosmos DB vulnerability (Security News, August 2021)
Microsoft has warned thousands of Azure customers that a now-fixed critical vulnerability in Cosmos DB allowed any user to remotely take over other users' databases, gaining full admin access without any authorization.
"Microsoft has recently become aware of a vulnerability in Azure Cosmos DB that could potentially allow a user to gain access to another customer's resources by using the account's primary read-write key," the company told customers.
Successful exploitation let an attacker obtain other users' Cosmos DB credentials, including their primary key, which grants complete and unrestricted remote access to those Azure customers' databases and accounts.
According to the Wiz research team, the actual number of impacted customers is likely far larger and probably includes most Cosmos DB customers, since the ChaosDB vulnerability was present and could have been exploited for months before Wiz disclosed it.
To mitigate the risk and block potential attacks, Microsoft advises Azure customers to regenerate the Cosmos DB primary keys that could have been stolen before the vulnerable feature was disabled.
If you are using the Azure Cosmos DB Core API, consider using Azure Cosmos DB role-based access control to authenticate your database operations with Azure Active Directory instead of primary/secondary keys.
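As an added example (not code from the article or from Microsoft), the two mitigation steps above carried out with Azure PowerShell (Az.CosmosDB and Az.Resources modules): the resource group, account and service principal names are placeholders you would replace with your own.

```powershell
# Added example, not from the article: rotate the keys that ChaosDB could have
# exposed, then move the application to Azure AD role-based access control.
$rg      = 'rg-placeholder'              # assumption: resource group of the account
$account = 'cosmos-account-placeholder'  # assumption: Cosmos DB account name
$appName = 'app-sp-placeholder'          # assumption: display name of the app's service principal

# 1. Regenerate every key kind. A stolen primary key is fully revoked only once
#    it has been regenerated; clients still using keys must pick up the new values.
foreach ($kind in 'primary', 'secondary', 'primaryReadonly', 'secondaryReadonly') {
    New-AzCosmosDBAccountKey -ResourceGroupName $rg -Name $account -KeyKind $kind | Out-Null
    Write-Host "Regenerated $kind key for $account"
}

# 2. Grant the application's service principal the built-in
#    "Cosmos DB Built-in Data Contributor" role on the whole account ('/'),
#    so it can authenticate to the data plane with Azure AD instead of a key.
$principalId     = (Get-AzADServicePrincipal -DisplayName $appName).Id
$dataContributor = '00000000-0000-0000-0000-000000000002'   # built-in role definition id
New-AzCosmosDBSqlRoleAssignment -ResourceGroupName $rg -AccountName $account `
    -RoleDefinitionId $dataContributor -Scope '/' -PrincipalId $principalId

# 3. Verify the assignment is in place before clients stop using keys.
Get-AzCosmosDBSqlRoleAssignment -ResourceGroupName $rg -AccountName $account |
    Where-Object { $_.PrincipalId -eq $principalId }
```

Once the assignment is verified, the application authenticates with an Azure AD credential (for example DefaultAzureCredential in the SDKs) and the account keys no longer need to be distributed to it.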