Researchers discover critical flaw in Azure Cosmos DB

A main flaw in Microsoft’s Azure Cosmos DB is placing 1000’s of corporations at possibility.

In a site post Thursday, Wiz protection scientists Nir Ohfeld and Sagi Tzadik in depth how they were in a position to achieve complete unrestricted access to the accounts and databases of quite a few thousand Microsoft Azure prospects, which include Fortune 500 corporations Coca-Cola and Exxon Mobil. The vulnerability, which they dubbed ChaosDB, has an effect on Azure’s flagship databases provider, Cosmos DB.

The story was to start with reported by Reuters Friday after Microsoft warned 1000’s of cloud prospects their databases may well be exposed. Exploiting the flaw could allow an attacker to steal the key keys of Cosmos DB prospects.

Ohfeld and Tzadik to start with uncovered the flaw two months back, whilst on a program research for new assault surfaces in the cloud. What they discovered was a series of flaws

Read More