ChaosDB Explained: Azure's Cosmos DB Vulnerability Walkthrough | Wiz Blog

Pull back the curtain and get the step-by-step technical walkthrough of ChaosDB, one of the most severe Azure vulnerabilities of all time

Hasnain says:

Yikes. Great write up though, I learnt a bunch from this one.

“We managed to gain unauthorized access to customers’ Azure Cosmos DB instances by taking advantage of a chain of misconfigurations in the Jupyter Notebook Container feature of Cosmos DB. We were able to prove access to thousands of companies’ Cosmos DB Instances (database, notebook environment, notebook storage) with full admin control via multiple authentication tokens and API keys. Among the affected customers are many Fortune 500 companies. We also managed to gain access to the underlying infrastructure that runs Cosmos DB and we were able to prove that this access can be maintained outside of the vulnerable application—over the internet. Overall, we think that this is as close as it gets to a “Service Takeover”.”

Posted on 2021-11-13T19:50:15+0000