Microsoft Addresses Cross-Tenant Database Vulnerability in Azure PostgreSQL
Microsoft has released new patches to address critical security vulnerabilities affecting its Azure PostgreSQL product. Discovered by security researchers from Wiz Research, the “chain” of flaws dubbed “ExtraReplica” could be exploited to gain unauthorized cross-account database access.
According to the security advisory published by the Wiz Research team, the vulnerabilities allow attackers to bypass tenant isolation in Azure’s infrastructure. ExtraReplica exploits a flaw that lets unauthorized users get read access to PostgreSQL databases.
“By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass authentication to gain access to other customers’ databases. This was mitigated within 48 hours (on January 13, 2022),” Microsoft Security Response Center (MSRC) explained.
Specifically, the threat actor first selects a public PostgreSQL Flexible Server and then finds the target’s Azure region. Once done, they create an attacker-controlled database in the same region.
The attacker can now exploit the first security flaw on the target attacker-controlled instance. This vulnerability was discovered in Azure’s PostgreSQL engine modifications, and it makes it possible to escalate privileges and run malicious code. The next step involves abusing the second flaw found in the certificate authentication process to gain read access to the target instance.
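The MSRC statement above attributes the authentication bypass to an improperly anchored regular expression in the certificate check for a replication user. The following added example (not Azure's or Wiz Research's code; the trusted suffix, patterns and certificate CNs are constructed for illustration) shows how an unanchored pattern accepts a CN that merely contains the expected value, and two ways a defender can write the check so that the whole name must match.

```python
import re

# Constructed suffix that "trusted" replication peers are assumed to carry in
# their certificate CN. This is not Azure's real naming scheme.
TRUSTED_SUFFIX = "replica.example-db.internal"

# Weak check: the pattern describes a trusted name but is anchored at neither
# end, so re.search succeeds as long as the trusted shape appears *somewhere*.
WEAK_PATTERN = re.compile(r"[a-z0-9-]+\." + re.escape(TRUSTED_SUFFIX))

# Hardened check: anchored at both ends, so the entire CN must be exactly one
# host label followed by the trusted suffix.
STRICT_PATTERN = re.compile(r"^[a-z0-9-]+\." + re.escape(TRUSTED_SUFFIX) + r"$")


def weak_cn_check(cn: str) -> bool:
    """Accepts any CN in which a trusted-looking name occurs as a substring."""
    return WEAK_PATTERN.search(cn) is not None


def strict_cn_check(cn: str) -> bool:
    """Accepts only a CN that matches the anchored pattern in full."""
    return STRICT_PATTERN.fullmatch(cn) is not None


def label_cn_check(cn: str) -> bool:
    """Regex-light alternative: split into DNS labels and compare exactly."""
    labels = cn.lower().split(".")
    suffix = TRUSTED_SUFFIX.split(".")
    return (
        len(labels) == len(suffix) + 1
        and labels[1:] == suffix
        and re.fullmatch(r"[a-z0-9-]+", labels[0]) is not None
    )


# Constructed sample CNs: a legitimate peer, a name that embeds the trusted
# shape inside a longer attacker-chosen domain, and an unrelated name.
SAMPLE_CNS = [
    "node7.replica.example-db.internal",
    "node7.replica.example-db.internal.attacker.example",
    "attacker.example",
]


def compare_checks(cns=SAMPLE_CNS):
    """Returns (cn, weak, strict, label) so the three checks can be audited."""
    return [(cn, weak_cn_check(cn), strict_cn_check(cn), label_cn_check(cn)) for cn in cns]


if __name__ == "__main__":
    for row in compare_checks():
        print(row)
```

Only the second sample separates the checks: the unanchored pattern lets it through, the anchored pattern and the label comparison both reject it.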
Microsoft fixes the ExtraReplica bug on all vulnerable servers
It is important to note that the security vulnerabilities don’t affect “Single Server instances or Flexible servers with the explicit VNet network configuration (Private access).” Microsoft says that it has addressed the flaws on all vulnerable servers. The company reiterated that it had not found evidence that this vulnerability was actively exploited or compromised customer data.
“No action is required by customers. In order to further minimize exposure, we recommend that customers enable private network access when setting up their Flexible Server instances,” MSRC added. We invite you to check out the Flexible Server networking support page for more details.