Orca Security cautions that an attacker may have been able to remotely execute arbitrary code in Azure Cosmos DB because of a missing authentication check vulnerability.
Azure Cosmos DB is a NoSQL database used, among other things, in order-processing pipelines for event sourcing and on e-commerce platforms to store catalog data. The flaw was found in Azure Cosmos DB Jupyter notebooks, the open-source interactive development environment (IDE) built into the service that lets developers share documents, live code, visualizations, and more. Jupyter notebooks integrated with Azure Cosmos DB may contain secrets and private keys, which is what makes unauthorized access to them so damaging.
The CosMiss flaw could have allowed unauthenticated access to a notebook workspace by anyone who knew its UUID, also called the “forwardingId.” According to Orca, an attacker with that access would have been able to modify the container’s file system and execute code remotely.
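To make the bug class concrete, the following is an added illustration (not Orca's or Microsoft's code, and not the real Cosmos DB notebook implementation) of a hypothetical workspace-forwarding handler: one variant treats knowledge of the forwardingId as sufficient, the other requires an authenticated principal and checks that it owns the workspace. The signing key, workspace UUID and owner names are constructed placeholders.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple

# Constructed sample data; real Cosmos DB notebook internals are not shown here.
SIGNING_KEY = b"placeholder-signing-key"
WORKSPACES: Dict[str, Dict[str, str]] = {
    # forwardingId (workspace UUID) -> owning principal and a file in its container
    "5b9e0a4c-1f2d-4c7e-9a8b-3d6e2f1c0a7b": {"owner": "alice", "notebook": "secrets.ipynb"},
}


def issue_token(user: str) -> str:
    """Mint a bearer token bound to a user (HMAC stands in for a real identity provider)."""
    mac = hmac.new(SIGNING_KEY, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"


def verify_token(token: Optional[str]) -> Optional[str]:
    """Return the authenticated user, or None if the token is missing or forged."""
    if not token or "." not in token:
        return None
    user, mac = token.rsplit(".", 1)
    expected = hmac.new(SIGNING_KEY, user.encode(), hashlib.sha256).hexdigest()
    return user if hmac.compare_digest(mac, expected) else None


def handle_vulnerable(forwarding_id: str, headers: Dict[str, str]) -> Tuple[int, Optional[dict]]:
    """CosMiss-style pattern: possession of the workspace UUID is the only gate."""
    ws = WORKSPACES.get(forwarding_id)
    if ws is None:
        return 404, None
    # BUG: no authentication and no ownership check; anyone holding the UUID gets the workspace.
    return 200, ws


def handle_fixed(forwarding_id: str, headers: Dict[str, str]) -> Tuple[int, Optional[dict]]:
    """Authenticate the caller first, then authorise them against the workspace owner."""
    user = verify_token(headers.get("authorization"))
    if user is None:
        return 401, None
    ws = WORKSPACES.get(forwarding_id)
    # Same status for "unknown" and "not yours" so the endpoint cannot confirm which UUIDs exist.
    if ws is None or ws["owner"] != user:
        return 404, None
    return 200, ws
```

The UUID is an identifier, not a credential: the fixed handler still uses it to locate the workspace, but access is decided by the verified identity.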