Get Started Today!  (954) 834-2800

croom new

KB Technologies Managed IT Blog

Nasty Vulnerability Found in Microsoft Azure’s Managed Database Service

Nasty Vulnerability Found in Microsoft Azure’s Managed Database Service

Some vulnerabilities can fly under the radar for quite some time, some for months or even years. This is the case with a recently discovered Microsoft Azure database vulnerability. The exploit, discovered by cloud security provider Wiz, is found in Cosmos DB, Microsoft Azure’s managed database service, and it’s a real nasty one at that. Let’s dive into the details and see what we can learn from the incident.

This vulnerability, aptly titled Chaos DB, is so deeply rooted that it can grant read/write access for every single database on the service. While there is no evidence that the exploit was utilized, that’s not to say that this isn’t a huge problem. It all boils down to the way that the database handles primary keys and, once again, how Microsoft deployed default settings for one of their services.

Wiz discovered this vulnerability in the Jupyter Notebook feature of Cosmos DB. This feature was enabled automatically for all instances of Cosmos DB in February of 2021, but Wiz suspects that this particular issue could go all the way back to 2019 when Jupyter was first introduced. Basically, what happens is that a misconfiguration within Jupyter allows users to obtain the primary keys for other users of Cosmos DB. This is perhaps the worst possible outcome, as the primary key gives the holder the ability to read, write, and delete data on just about anyone’s database.

Since the primary keys do not expire, if they have been leaked to malicious threat actors, the only solution is to rotate the primary keys so that they are not useful to whoever gains access to them. If this is not done, then anyone who has obtained the primary key will have all of these escalated privileges. Wiz, on the other hand, recommends that organizations who have had Jupyter enabled on their service for any amount of time rotate their keys… you know, just to be safe.

Thankfully, Microsoft disabled the vulnerability that enabled Chaos DB promptly after it was discovered, but there is only so much that the company can do in terms of the primary keys, which customers are going to have to rotate themselves. Microsoft issued a warning to the affected customers—about a third of the service’s user base—and sent out instructions on how to mitigate the risk, so any users of this service should catch up on the state of the problem. 

Again, we want to emphasize the importance of making sure that your business’ technology is configured correctly—especially when incidents like these occur. You never know when one minor setting could expose your critical data to hackers and other online threats. If you want to take the guesswork out of the equation, KB Technologies Managed IT is happy to lend its support. We can assist your organization with implementing and configuring any business technology solution. To learn more, reach out to us at (954) 834-2800.

Tired Of Annoying Computer Problems That Keep Coming Back?

Tech Term: Firewall
Strong New Options Make Video Conferencing an Esse...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, October 22 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.kb-it.com/

Latest Blog

Authentication is one of the most important topics on the table for discussion this year, particularly in regards to how the need for secure data access has been increased considerably during the COVID-19 crisis. How can you make sure that your data is being accessed in a sa...

Latest News

KB Technologies Managed IT is proud to announce the launch of our new website at http://www.kb-it.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...