Multiple critical vulnerabilities in Azure Database for PostgreSQL Flexible Server were recently discovered and fixed, Microsoft has announced in a security advisory.
As reported by BleepingComputer, the vulnerabilities could have allowed malicious users to escalate privileges and access customer databases. Luckily, the exploit was not used to attack Azure customers before the fix was issued, and no data was taken, Microsoft confirmed.
Given that the patch was deployed more than a month ago, Azure customers need to take no additional steps to protect their endpoints.
Fixes deployed
With Flexible Server, Azure Database for PostgreSQL users have more control over their databases. However, in this case, Flexible Server had created an opening for attack.
“By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass authentication to gain access to other customers’ databases,” Microsoft said.
“This was mitigated within 48 hours (on January 13, 2022). Customers using the private access networking option were not exposed to this vulnerability. The Single Server offering of Postgres was not impacted.”
By the end of February, all fixes were deployed, Microsoft went on to explain.
Still, the company said it would be wise to deploy PostgreSQL flexible servers on Azure virtual networks (VNet), as they provide private and secure network communication.
“In order to further minimize exposure, we recommend that customers enable private network access when setting up their Flexible Server instances,” the company said.
Wiz Research, the cloud security company that first discovered the bug, dubbed it ExtraReplica, and added that there were some challenges to keeping track of cloud vulnerabilities.
“As with other cloud vulnerabilities, this issue did not receive a CVE identifier (unlike software vulnerabilities). It is not recorded or documented in any database,” it said. “The absence of such a database impairs the ability of customers to monitor, track, and respond to cloud vulnerabilities.”
Via BleepingComputer
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba