Microsoft Azure Cosmos DB consumers are allegedly at risk of severe security breaches after the giant tech firm confirmed a new security vulnerability.
The giant tech developer explained that the new Cosmos DB database flaw could allow online attackers to take over the users' database remotely completely.
It added that once the vulnerability is exploited efficiently, the security flaw could give hackers full admin access without user authorization.
Microsoft security experts claimed that some of the systems its largest consumer companies and agencies could still be open to unauthorized read/write access, which is more known as the "ChaosDB" security flaw.
"Microsoft has recently become aware of a vulnerability in Azure Cosmos DB that could potentially allow a user to gain access to another customer's resources by using the account's primary read-write key," said the giant tech firm.
Microsoft Azure Cosmos DB Flaw's Details
According to Bleeping Computer's latest report, Azure Cosmos DB is distributed by Microsoft across the globe. The giant tech manufacturer is offering this NoSQL database service for modern app development.
Various high-end companies are currently relying on it, such as Coca-Cola, Exxon-Mobil, Citrix, Symantec, and Mercedes Benz.
On the other hand, Slash Gear reported that 3,300 companies are currently at risk of major breaches because of the new vulnerability in Azure Cosmos DB.
Microsoft recently identified the new security flaw on Aug. 12 after the security firm Wiz informed the company about ChaosDB's appearance.
Other Info About ChaosDB Flaw
The new Azure Cosmos DB database security vulnerability already affected the Jupyter Notebook feature. Involved cybersecurity experts explained that this bug enabled attackers to steal users' Cosmos DB credentials.
They added that these sensitive consumer details include the primary key, allowing hackers to have complete and unrestricted remote access to Microsoft Azure users' accounts.
This vulnerability is alarming because online attackers no longer need to have previous access to their targets to efficiently exploit the system flaw.
For more news updates about the Microsoft ChaosDB flaw and other new security threats, always keep your tabs open here at TechTimes.
This article is owned by TechTimes
Written by: Griffin Davis