Cloud security vendor Wiz announced yesterday that it found a vulnerability in Microsoft Azure's managed database service, Cosmos DB, that granted read/write access for every database on the service to any attacker who found and exploited the bug.
Although Wiz only found the vulnerability—which it named "Chaos DB"—two weeks ago, the company says that the vulnerability has been lurking in the system for "at least several months, possibly years."
Link
Although Wiz only found the vulnerability—which it named "Chaos DB"—two weeks ago, the company says that the vulnerability has been lurking in the system for "at least several months, possibly years."
Link
AutoEnrolledInExpermentalBugRiddenFeatures: default