A newly disclosed vulnerability in Microsoft Corp.’s Azure Cosmos DB was found to give an attacker access without authentication under certain conditions.
The vulnerability is known as “CosMiss,” according to researchers at Orca Security Ltd. It becomes exploitable if an attacker knows a Cosmos DB Notebook’s “forwarding,” which is the globally unique identifier of the Notebook Workspace. With this information, the attacker would have complete access to the Notebook without needing to authenticate, including read and write access, the ability to inject code, and the ability to overwrite code to achieve remote code execution.
Azure Cosmos DB, Microsoft’s fast NoSQL database, is used by the retail sector to store catalog data and by Microsoft in its own e-commerce platforms.