Updated on 2022-11-02: Microsoft Fixes Vulnerability in Jupyter Notebooks for Azure Cosmos DB
Microsoft has fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB. Microsoft says that the missing authentication checks issue was introduced in August. Researchers from Orca reported the flaw to Microsoft in early October; Microsoft fixed the issue two days later.
- While the flaw was specific to Jupyter Notebooks for Azure Cosmos DB (99.8% of Azure Cosmos DB users are not in this category), and exploiting the flaw required guessing the 128-bit random GUID of an active session, aka “forwardingID” – which had to be used within an hour, Microsoft still patched the flaw by adding increased authentication checks. Since this is a server-side fix, no user action is necessary. Exploiting the flaw allowed full access to the Notebook.
Read more in
- Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB
- CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability
- Critical Vulnerability in Microsoft Azure Cosmos DB Opens Up Jupyter Notebooks
- Microsoft fixes critical RCE flaw affecting Azure Cosmos DB
Overview: CosMiss vulnerability
Microsoft rolled out fixes for an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB, reported by Orca Security. The company calls the vulnerability CosMiss. Microsoft said no customers were impacted by this vulnerability, and no action is required from them to apply the patch. Read more: