Microsoft Azure cloud vulnerability exposed thousands of databases

Robert Lemos, Dark Reading

August 29, 2021


Microsoft’s Azure cloud platform exposed the primary database keys of 3,300 customers, including Fortune 500 enterprises, that had used a Jupyter Notebook data-science feature of Azure Cosmos DB available on the platform since 2019, cloud security firm Wiz said this week.

Wiz discovered a privilege-escalation vulnerability in Microsoft’s implementation of Jupyter Notebooks, a popular interactive Web application for data science that Cosmos DB offers as a built-in feature. The flaw allowed its researchers to read the primary keys of other organizations’ Cosmos DB accounts that used Jupyter Notebooks in Azure; such a key grants full read-write access to the account. Coca-Cola, Kohler, Rolls-Royce, Siemens, and Symantec were among the organizations whose database keys were exposed, the researchers found.

Wiz notified Microsoft within three days of the discovery, and Microsoft disabled the Jupyter Notebook feature on Aug. 14, within 48 hours of being notified, says Shir Tamari, head of research at Wiz.

“Our researchers managed to find this vulnerability that allowed them to do lateral movement from our instance of Jupyter Notebooks to other customers’ Jupyter Notebooks,” he says. “And this was the key part in the vulnerability, because other customers’ Jupyter Notebooks contain access keys for their databases in Azure.”

Microsoft sent an advisory to customers whose databases were exposed during the research, even though the Wiz researchers tried to minimize any access to other companies’ data, Tamari says.
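A leaked Cosmos DB key stays valid until it is regenerated, so the practical response for an affected account is key rotation, which is what Microsoft’s advisory asked customers to do for their primary keys. The Az PowerShell snippet below is an added example and is not part of the Dark Reading article or Microsoft’s advisory; the resource group and account names are placeholders. It regenerates all four account keys in turn (a conservative choice, since any copy of a key that once sat in a notebook is only invalidated when that key changes) and then prints a short fingerprint of each new key rather than the key itself.

```powershell
# Added example: rotate every Cosmos DB account key after a suspected exposure.
# Requires the Az.CosmosDB module and an authenticated session (Connect-AzAccount).
# $ResourceGroup and $AccountName are placeholders, not values from the article.
$ResourceGroup = "rg-placeholder"
$AccountName   = "cosmos-placeholder"

# Read-write keys first, then read-only keys. In a planned rotation you would
# move clients to the other key of each pair before regenerating; after a leak,
# regenerate immediately and repoint clients afterwards.
foreach ($kind in @("Primary", "Secondary", "PrimaryReadonly", "SecondaryReadonly")) {
    New-AzCosmosDBAccountKey -ResourceGroupName $ResourceGroup -Name $AccountName -KeyKind $kind | Out-Null
    Write-Host "Regenerated $kind key for $AccountName"
}

# Confirm the new keys are in place. Print only a SHA-256 fingerprint so the
# rotation log itself does not become the next place the keys leak from.
$keys = Get-AzCosmosDBAccountKey -ResourceGroupName $ResourceGroup -Name $AccountName -Type "Keys"
$sha  = [System.Security.Cryptography.SHA256]::Create()
foreach ($prop in $keys.PSObject.Properties) {
    $hash = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes([string]$prop.Value))
    $fp   = ([System.BitConverter]::ToString($hash) -replace "-", "").Substring(0, 12)
    Write-Host ("{0}: sha256 {1}..." -f $prop.Name, $fp)
}
```

Any client that embeds an old key, including notebooks inside the account itself, stops working the moment the matching key is regenerated, so have the new connection strings ready to distribute before running this against a production account.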

While cloud service providers are generally considered more capable of securing their services than individual enterprises, a vulnerability in a shared service can be so extensive that a single issue affects thousands of companies at once. Despite better baseline security in the cloud, almost 60% of companies are more concerned about their security after moving to cloud-native infrastructure, a May survey found.

To read the complete article, visit Dark Reading.