Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, giving attackers full admin rights to users’ data without authorization. The flaw, dubbed ChaosDB, impacts Microsoft Azure Cosmos DB, a globally distributed NoSQL database service used by a wide assortment of high-profile customers, including Exxon-Mobil, Mercedes Benz, Symantec, Coca-Cola, and Citrix.
Read full article on Bleeping Computer