MS Clouds found DB accessible vulnerabilities

Cloud platform of Microsoft (MS) was confirmed that thousands of companies are exposed to a deadly database (DB) vulnerability.

If you exploit this vulnerability found in the MS Gospel Flagship DB 'Cosmos DB', a person who is not authorized to read and delete DBs. Currently, MS has resolved the problem.

27th (Local Time) reported that MS announced that MS has emailed this vulnerability discovery in Cosmos DB usage companies.

This vulnerability was first discovered by the Research Team of Security Company Wiz. The Wiz Research team was able to access the access control key for DBs held by thousands of businesses. The vulnerability existed on the Journal of the Journal of the Journal Edition. The Jupiter notebook was available for years in Cosmos DB, and since last February, it was activated as basic functions.

Because the MS could not change the DB access control keys itself, the email was sent to create a new key to the companies in the vulnerability impact on the 26th. In the mail, Microsoft said, There is no evidence that this defect has been exploited, he did not signs that he had accessed the keys outside of the (Wiz) researchers, he was relieved.

According to reports, the Wiz Research team found the issue of the last 9th and announced on the 12th MS. MS said it fixed the problem immediately when confirmed the vulnerability.

MS Cloud Security Group Amy Route Wax CTO from the Top Technical Officer (CTO) is from the interview with Reuters, Cosmos DB is an envious DB, and we could access all customers DB, which was the worst that this can imagine Cloud Vulnerability of Cloud Vulnerability.