Researchers Disclose Details of Critical 'CosMiss' RCE Flaw Affecting Azure Cosmos DB


On Tuesday, Microsoft said that it has fixed an authentication bypass flaw in Jupyter Notebooks for Azure Cosmos DB that allowed complete read and write access.

The technology behemoth claimed that the issue was first noticed on August 12th, 2022, and was fixed globally on October 6th, 2022, two days after Orca Security made a responsible disclosure and named the bug CosMiss. This issue did not affect customers who did not use Jupyter Notebooks, it added. Read More…