critical

ChaosDB

Published Thu, Aug 26th, 2021
Platforms

Summary

Azure's Cosmos DB database service was vulnerable to remote account takeover. Any Azure user could gain full admin access to other customers' Cosmos DB instances without authorization. The vulnerability had a trivial exploit that doesn't require any previous access to the target environment.

Affected Services

Cosmos DB

Remediation

Regenerate primary read/write key.

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Mon, Aug 9th, 2021
Exploitablity Period
2017 - 2021
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Nir Ohfeld, Sagi Tzadik, Wiz