Tuesday, August 31, 2021

The Microsoft Azure Cosmos DB security flaw and the impact on customers

On August 12, 2021, the cyber security researcher Wiz reported to Microsoft a vulnerability in Microsoft Azure Cosmos DB that potentially allowed intruders to gain access to customer’s database by using the Cosmos DB primary read-write key. According to Microsoft, the flaw was related to a data visualization feature called Jupyter Notebook. In a blog post, Wiz pointed out that this feature was introduced in 2019 but it has been enabled by default for new DBs since February 2021. What made me think whether my customers or my environments could have been affected.

In an official statement, Microsoft shares that this security issue was fixed immediately to keep the customers protected.

On August 29, 2021, Wiz published a very good blog post called Protecting your environment from ChaosDB that goes deeply and covers topics such as Who is affected, Find out which Cosmos DBs are affected by this vulnerability, and Actions to be taken (short-term and long-term actions/recommendations). If you use Cosmos DB in your applications, I recommend you to have a look at the following blog posts to better understand the overall situation and reach out the correct decision for your business scenario:

Better safe than sorry 😊

I ended up regenerating the primary read-write key of my Cosmos DBs. I also took this opportunity to regenerate the primary read-only key as well as the secondary read-write and read-only keys of all my Cosmos DBs to ensure all keys are new and my data is protected.

No comments:

Post a Comment