This article has been indexed from Softpedia News / Security
Microsoft sent out a warning to thousands of cloud computing customers regarding threat actors that can view, modify, or even delete master databases if they gain access to their systems, according to Reuters.
Wiz announced that Microsoft Azure’s flagship Cosmos database contain a vulnerability that allows access to keys that control access to the databases of hundreds of companies. Unable to update those keys itself, Microsoft sent an email to its customers Thursday asking them to create new keys. The software giant compensated Wiz with $40,000 in cash for discovering and reporting the security flaw.
Microsoft said, “Microsoft recently became aware of a vulnerability in Azure Cosmos DB that could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-w…
Read the original article: Critical Cosmos Database Flaw Affecting Microsoft Azure Customers