Microsoft has issued guidance on securing Azure accounts that may have been affected by a recently disclosed critical vulnerability in Cosmos DB, which gave attackers full administrative access to customer data without authorization.
ChaosDB is the name given to the flaw in Microsoft Azure Cosmos DB, a globally distributed NoSQL database service used by high-profile customers such as Exxon-Mobil and Symantec.
The research team at cloud security firm Wiz discovered the bug in the Jupyter Notebook feature of Cosmos DB, which is enabled by default. Any user could exploit the vulnerability to obtain other customers' primary read-write keys and use them to take over those databases remotely.
More than 30% of Cosmos DB customers were notified about a potential breach
Microsoft says it “mitigated vulnerability immediately” after Wiz’s report; the researchers' timeline shows the bug was fixed within 48 hours.
On August 26th, two weeks after it disabled the vulnerable Jupyter Notebook feature on the server side, Microsoft also alerted over 30% of Cosmos DB customers to a possible security breach.
Wiz argues that the number of affected customers is probably much larger, potentially every Cosmos DB customer, because ChaosDB was present and exploitable for many months before disclosure.
Microsoft said on Friday that it had found no evidence that security researchers or any third party had used the vulnerability to access customer data.
“If you didn’t receive an email or in-portal notification, there is no evidence that any external parties have access to your primary read/write account key.”
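The practical consequence of a leaked primary read-write key is that the key has to be found wherever it is embedded and then regenerated. The following Python script is an added example, not code from the article, from Wiz or from Microsoft: it scans constructed configuration text for Cosmos DB connection strings, groups the embedded account keys by account, and emits the Azure CLI command (`az cosmosdb keys regenerate`) that rotates each account's primary key. The sample config, the account names and the resource-group mapping are invented for illustration; the regenerate command itself is the real Azure CLI syntax.

```python
import base64
import re
from typing import Dict, List, Set

# Cosmos DB connection strings embed the account key as "AccountKey=<base64>".
# Account keys are 64 random bytes, which encode to 88 base64 characters
# (86 characters plus "==" padding), so the regex only accepts that shape.
CONN_RE = re.compile(
    r"AccountEndpoint=https://(?P<account>[a-z0-9-]+)\.documents\.azure\.com:443/;"
    r"AccountKey=(?P<key>[A-Za-z0-9+/]{86}==);"
)


def _fake_key(seed: int) -> str:
    # Constructed placeholder: base64 of 64 repeated bytes. It has the
    # length and alphabet of a real key but is not a real credential.
    return base64.b64encode(bytes([seed]) * 64).decode()


# Constructed sample configuration, not taken from any real deployment.
# The last line is deliberately malformed so the scanner has to skip it.
SAMPLE_CONFIG = f"""
# app settings (constructed example)
ORDERS_DB=AccountEndpoint=https://orders-prod.documents.azure.com:443/;AccountKey={_fake_key(1)};
LEGACY_DB=AccountEndpoint=https://legacy-eu.documents.azure.com:443/;AccountKey={_fake_key(2)};
ORDERS_DB_COPY=AccountEndpoint=https://orders-prod.documents.azure.com:443/;AccountKey={_fake_key(1)};
BROKEN=AccountEndpoint=https://no-key.documents.azure.com:443/;AccountKey=short;
"""


def find_embedded_keys(text: str) -> Dict[str, Set[str]]:
    """Return {account_name: {embedded keys}} for every well-formed
    Cosmos DB connection string found in the given text."""
    found: Dict[str, Set[str]] = {}
    for match in CONN_RE.finditer(text):
        found.setdefault(match.group("account"), set()).add(match.group("key"))
    return found


def rotation_commands(accounts, resource_groups: Dict[str, str]) -> List[str]:
    """Build one 'az cosmosdb keys regenerate' command per affected account.

    The connection string does not carry the resource group, so the caller
    supplies a mapping (hypothetical names in this example). --key-kind primary
    regenerates the primary read-write key, the one ChaosDB exposed."""
    commands = []
    for account in sorted(accounts):
        commands.append(
            f"az cosmosdb keys regenerate --name {account} "
            f"--resource-group {resource_groups[account]} --key-kind primary"
        )
    return commands


if __name__ == "__main__":
    keys_by_account = find_embedded_keys(SAMPLE_CONFIG)
    for account, keys in sorted(keys_by_account.items()):
        print(f"{account}: {len(keys)} distinct key(s) embedded in config")
    # Hypothetical resource-group names for the constructed accounts.
    groups = {"orders-prod": "rg-prod", "legacy-eu": "rg-eu"}
    for cmd in rotation_commands(keys_by_account, groups):
        print(cmd)
```

Before running the regenerate command, move each application to the secondary key (`--key-kind secondary` exists for the same purpose), otherwise regenerating the primary key invalidates it immediately and every client still using it loses access; once the primary is rotated and clients are switched back, rotate the secondary as well.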