URL: https://thehackernews.com/2021/08/critical-cosmos-database-flaw-affected.html

Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

August 27, 2021Ravie Lakshmanan

Cloud infrastructure security company Wiz on Thursday revealed details of a
now-fixed Azure Cosmos DB vulnerability that could have been exploited to grant
any Azure user full administrative access to other customers' database
instances without any authorization.

The flaw, which grants read, write, and delete privileges, has been dubbed
"ChaosDB," with Wiz researchers noting that "the vulnerability has a trivial
exploit that doesn't require any previous access to the target environment, and
impacts thousands of organizations, including numerous Fortune 500 companies."

Cosmos DB is Microsoft's proprietary NoSQL database that's advertised as "a
fully managed service" that "takes database administration off your hands with
automatic management, updates and patching."

The Wiz Research Team reported the issue to Microsoft on August 12, after which
the Windows maker took steps to mitigate the issue within 48 hours of
responsible disclosure, in addition to awarding a $40,000 bounty to the finders
on August 17.

"We have no indication that external entities outside the researcher had access
to the primary read-write key associated with your Azure Cosmos DB account(s),"
Microsoft said in a statement. "In addition, we are not aware of any data access
because of this vulnerability. Azure Cosmos DB accounts with a vNET or firewall
enabled are protected by additional security mechanisms that prevent risk of
unauthorized access."

The exploit identified by Wiz concerns a chain of vulnerabilities in the Jupyter
Notebook feature of Cosmos DB, enabling an adversary to obtain the credentials
corresponding to the target Cosmos DB account, including the Primary Key, which
provides access to the administrative resources for the database account.

"Using these credentials, it is possible to view, modify, and delete data in the
target Cosmos DB account via multiple channels," the researchers said. As a
consequence, any Cosmos DB asset that has the Jupyter Notebook feature enabled
is potentially impacted.

Although Microsoft notified over 30% of Cosmos DB customers about the potential
security breach, Wiz expects the actual number of affected customers to be much
higher, given that the vulnerability has been exploitable for months.

"Every Cosmos DB customer should assume they've been exposed," Wiz researchers
noted, adding, "we also recommend reviewing all past activity in your Cosmos DB
account." Microsoft is also urging its customers to regenerate their Cosmos DB
Primary Keys to mitigate any risk arising from the flaw.
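The key regeneration Microsoft recommends can be scripted across a whole subscription. The script below is an added example, not code from the article, Wiz or Microsoft; it assumes the Azure CLI (`az`) is installed and logged in, uses the real `az cosmosdb list` and `az cosmosdb keys regenerate` commands, and defaults to a dry run that only prints what it would execute. The phased order (rotate the secondary key, re-point applications, then rotate the primary key so that any previously leaked primary key stops working) is this example's own choice for avoiding an outage during rotation.

```shell
#!/bin/sh
# Added example (not from the article, Wiz or Microsoft): rotate the keys of
# every Azure Cosmos DB account in the current subscription after a suspected
# key exposure. Assumes `az` is installed and logged in (`az login`).
# DRY_RUN=1 (the default) prints the commands instead of running them.

DRY_RUN="${DRY_RUN:-1}"

# Key kinds accepted by `az cosmosdb keys regenerate --key-kind`.
valid_kind() {
  case "$1" in
    primary|secondary|primaryReadonly|secondaryReadonly) return 0 ;;
    *) return 1 ;;
  esac
}

# Build the regeneration command for one account and key kind.
regen_cmd() {
  printf 'az cosmosdb keys regenerate --name %s --resource-group %s --key-kind %s\n' \
    "$1" "$2" "$3"
}

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    echo "[dry-run] $*"
  else
    "$@"
  fi
}

# Enumerate accounts as "name<TAB>resourceGroup" lines (control plane only,
# no data-plane access and no key material is read).
list_accounts() {
  az cosmosdb list --query "[].[name,resourceGroup]" -o tsv
}

# Regenerate one key kind for every account read from stdin ("name<TAB>rg").
# Rotate in phases to avoid downtime: regenerate `secondary`, re-point
# applications at the new secondary key, then regenerate `primary`, which
# invalidates any primary key leaked before the rotation. Repeat with
# `secondaryReadonly` and `primaryReadonly` for the read-only pair.
rotate_phase() {
  kind="$1"
  valid_kind "$kind" || { echo "unknown key kind: $kind" >&2; return 1; }
  while IFS="$(printf '\t')" read -r name rg; do
    [ -n "$name" ] || continue
    # Unquoted on purpose: split the built command into its arguments
    # (account and resource-group names contain no whitespace).
    run $(regen_cmd "$name" "$rg" "$kind")
  done
}

# Usage: rotate_all secondary; update application configuration;
#        rotate_all primary; then the same for the read-only pair.
rotate_all() {
  list_accounts | rotate_phase "$1"
}
```

Run it once with the default dry run to review the exact commands, then with `DRY_RUN=0` for each phase; regenerating the primary key is the step that actually cuts off a leaked key, so it is the one to reach, not skip, once applications have moved to the new secondary key.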
