Cosmos DB Vulnerability: Error on the Side of Caution

August 27, 2021 Lee Grant, Principal Application Architect

 

On August 26, Internet security firm, Wiz, announced it had found a security flaw in Microsoft Azure Cosmos DB, a global multi-model NoSQL store used by thousands of enterprises around the world.

The exploit, named “ChaosDB,” allows bad actors to access the primary keys to a Cosmos DB account. The exploit was found in the recently added Jupyter Notebook feature of Cosmos DB.

In response to this threat, Microsoft immediately disabled this feature for a full security audit.

Our Recommendation

OneNeck recommends everyone who has implemented a Cosmos DB account immediately regenerate the primary and secondary access keys. This will ensure continued data privacy.  While Microsoft doesn’t believe any customer data has been leaked, but your keys should immediately be regenerated to be safe.

If you have any questions regarding this vulnerability, we are here to help. Don’t hesitate to reach out.

Keep Moving Forward. We Have Your Back.

This post Cosmos DB Vulnerability: Error on the Side of Caution first appeared on OneNeck.

Previous Article
The Future of Healthcare in the Cloud – Hybrid Cloud
The Future of Healthcare in the Cloud – Hybrid Cloud

Healthcare is undergoing a radical transformation. In response to the pandemic, IT teams have had to accele...

Next Article
Better Together in the Nutanix Service Provider Program
Better Together in the Nutanix Service Provider Program

You may have heard that Nutanix recently launched the Nutanix Elevate Service Provider Program, which OneNe...