Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover
A critical security vulnerability in Microsoft’s Azure cloud database platform has come to light. The flaw, which lies in Cosmos DB, could have allowed full remote takeover of accounts before it was patched. It is unclear whether Microsoft customers were breached during the several months in which the flaw remained exploitable. Attackers could have leveraged the bug to gain admin rights to read, delete, or write information in a database instance.
According to researchers at Wiz, Azure customers were able to access another customer’s account without authentication. The bug has been named ChaosDB and can be trivially exploited. The flaw impacted thousands of organizations, including several large Fortune 500 companies. Wiz also stated that no prior exploitation has been discovered yet. However, Cosmos DB customers should assume that they have been exposed and act accordingly.