Microsoft Azure Cosmos DB consumers are allegedly at risk of severe security breaches after the giant tech firm confirmed a new security vulnerability.

Microsoft Azure Cosmos DB Database Vulnerability Allegedly Exposes 3,300 Companies To Severe Hacks
(Photo : Photo credit should read ISSOUF SANOGO/AFP via Getty Images)

The giant tech developer explained that the new Cosmos DB database flaw could allow online attackers to take over the users' database remotely completely. 

It added that once the vulnerability is exploited efficiently, the security flaw could give hackers full admin access without user authorization. 

Microsoft security experts claimed that some of the systems its largest consumer companies and agencies could still be open to unauthorized read/write access, which is more known as the "ChaosDB" security flaw. 

"Microsoft has recently become aware of a vulnerability in Azure Cosmos DB that could potentially allow a user to gain access to another customer's resources by using the account's primary read-write key," said the giant tech firm. 

Microsoft Azure Cosmos DB Flaw's Details

According to Bleeping Computer's latest report, Azure Cosmos DB is distributed by Microsoft across the globe. The giant tech manufacturer is offering this NoSQL database service for modern app development. 

Microsoft Azure Cosmos DB Database Vulnerability Allegedly Exposes 3,300 Companies To Severe Hacks

(Photo : Photo by Drew Angerer/Getty Images)
A view of the new Microsoft Surface Laptop following a Microsoft launch event, May 2, 2017 in New York City. The Windows 10 S operating system is geared toward the education market and is Microsoft's answer to Google's Chrome OS.

Also Read: Microsoft Users Fell Victim to Data Exposure Due to Power Apps' Default Permission Settings

Various high-end companies are currently relying on it, such as Coca-Cola, Exxon-Mobil, Citrix, Symantec, and Mercedes Benz. 

On the other hand, Slash Gear reported that 3,300 companies are currently at risk of major breaches because of the new vulnerability in Azure Cosmos DB. 

Microsoft recently identified the new security flaw on Aug. 12 after the security firm Wiz informed the company about ChaosDB's appearance. 

In other news, Microsoft Translator received a new feature called Regional Accents. Meanwhile, Microsoft 365 Packages' prices are expected to increase this coming 2022.  

Other Info About ChaosDB Flaw

The new Azure Cosmos DB database security vulnerability already affected the Jupyter Notebook feature. Involved cybersecurity experts explained that this bug enabled attackers to steal users' Cosmos DB credentials. 

They added that these sensitive consumer details include the primary key, allowing hackers to have complete and unrestricted remote access to Microsoft Azure users' accounts. 

This vulnerability is alarming because online attackers no longer need to have previous access to their targets to efficiently exploit the system flaw. 

For more news updates about the Microsoft ChaosDB flaw and other new security threats, always keep your tabs open here at TechTimes. 

Related Article: Microsoft Exchange Servers Hacked by New Ransomware Gang via ProxyShells Vulnerabilities-How to Avoid

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion