Microsoft on Thursday fixed two flaws in Azure Database for PostgreSQL Flexible Server that could have allowed unauthorized cross-account access to databases within a region.
“A malicious user might circumvent authentication to get access to other customers’ databases by leveraging an elevated rights flaw in the Flexible Server authentication procedure for a replication user,” according to the Microsoft Security Response Center (MSRC). The attack chain has been dubbed “ExtraReplica.”
Microsoft stated that the flaw was fixed within 48 hours of its discovery on January 13, 2022.
The issue combined a privilege escalation in the Azure PostgreSQL service, which allowed an attacker to create databases within the victim’s Azure region and exfiltrate sensitive data, with a cross-account authentication bypass that relied on a forged certificate.
In other words, successful exploitation of these severe weaknesses could have given an attacker unauthorized read access to other customers’ PostgreSQL databases, bypassing tenant isolation.
The privilege escalation was traced back to a bug introduced by modifications made to the PostgreSQL engine to tighten its privilege model and add new functionality.
ExtraReplica takes its name from PostgreSQL’s replication feature, which copies database data from one server to another.
According to Microsoft, the security hole affects PostgreSQL Flexible Server instances deployed with the public access networking option; the company added that it found no indication of the issue being actively exploited and that no customer data was accessed.
Customers are not obligated to take any action, according to MSRC.
“We suggest that clients choose private network access while configuring their Flexible Server instances to further reduce vulnerability.”
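Because only instances created with the public access networking option were affected, the first thing a defender wants is an inventory of which Flexible Servers still expose a public endpoint. The following added example (not code from the article or from Microsoft) filters the JSON that `az postgres flexible-server list -o json` returns; the field names `network.publicNetworkAccess` and `network.delegatedSubnetResourceId` are assumed from the Flexible Server ARM schema, and the server listing is constructed sample data.

```python
"""Flag Azure Database for PostgreSQL Flexible Servers created with public access.

Added example, not from the original article or from Microsoft. Input is the
JSON returned by `az postgres flexible-server list -o json`; the field names
(network.publicNetworkAccess, network.delegatedSubnetResourceId) are assumed
from the Flexible Server ARM schema, and SAMPLE_LISTING is constructed data.
"""
import json

# Constructed sample: three servers as the CLI might list them.
SAMPLE_LISTING = json.dumps([
    {"name": "pg-prod-eu", "location": "westeurope",
     "network": {"publicNetworkAccess": "Disabled",
                 "delegatedSubnetResourceId": "/subscriptions/<sub>/.../subnets/pg"}},
    {"name": "pg-dev-eu", "location": "westeurope",
     "network": {"publicNetworkAccess": "Enabled",
                 "delegatedSubnetResourceId": None}},
    # Older API versions omit publicNetworkAccess; only the subnet field tells.
    {"name": "pg-legacy", "location": "northeurope",
     "network": {"delegatedSubnetResourceId": None}},
])


def uses_public_access(server: dict) -> bool:
    """True when the server is reachable through the public endpoint."""
    net = server.get("network") or {}
    pna = net.get("publicNetworkAccess")
    if pna is not None:
        return pna.lower() == "enabled"
    # Fallback for listings without publicNetworkAccess: a server injected into
    # a delegated subnet uses private access; without one it was created with
    # the public access networking option.
    return not net.get("delegatedSubnetResourceId")


def public_servers(listing_json: str) -> list[str]:
    """Return the names of servers using public access, sorted."""
    servers = json.loads(listing_json)
    return sorted(s["name"] for s in servers if uses_public_access(s))


if __name__ == "__main__":
    for name in public_servers(SAMPLE_LISTING):
        print(f"public access enabled: {name}")
```

Pipe the real CLI output into `public_servers` to get the list of instances that should be moved to private network access as MSRC recommends.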
If you’d like to learn more about Azure Database for PostgreSQL and MySQL, the Microsoft team has put together a video on YouTube.