Researchers who identified the issue in Microsoft’s Azure’s core database warned that all users of the cloud platform, not just the 3,300 who have been notified, should replace their digital access credentials.
The primary digital keys for most users of the Cosmos DB database might be easily accessed, allowing anyone to edit, steal, or even delete millions of entries, according to researchers at Wiz, a cloud security business.
After Wiz alerted Microsoft, they repaired the setup error that allowed any Cosmos user to view another’s database. After that, the IT giant notified certain users that they needed to reset their passwords.
Customers that set up Cosmos access during the research timeframe received alerts, Microsoft said in a blog post. It was discovered, however, that no one had used the issue to gain access to client data. The Cybersecurity and Infrastructure Security Agency of the US Department of Homeland Security, on the other hand, used much tougher language and made it plain that it was communicating with everyone with an account, not just those who had been notified.
Customers of Azure Cosmos DB were recommended to regenerate their certificate keys, which Wiz experts agreed with.
Wiz Chief Technology Officer Ami Luttwak, who worked at Microsoft and developed tools to log cloud security incidents, said it would be difficult for the company to completely rule out someone using this before.
Microsoft, on the other hand, refused to say whether it kept detailed logs for the two years during which the Jupyter Notebook feature was misconfigured or used in any other way to rule out abuse.
Microsoft provided tight assistance for Wiz’s research, according to the company. It, on the other hand, declined to explain how it could be convinced that previous customers were safe. Sagi Tzadik, one of Wiz’s senior researchers, said it was terrifying and hoped no one else discovered the bug.