Newly disclosed RCE flaw in Cosmos DB's Jupyter Notebook feature highlights some of the weaknesses that can arise from emerging tech in the cloud-native and machine learning worlds.
Orca Security researchers say the vulnerability could have let an attacker have full permissions on a Cosmos DB Jupyter notebook, while Microsoft disputes the impact of the bug, claims its hard to exploit and affects a tiny fraction of Cosmos DB users.
Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers.