Top
image credit: Adobe Stock

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

April 28, 2022

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region.

“By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass authentication to gain access to other customers’ databases,” Microsoft Security Response Center (MSRC) said.

Read More on The Hacker News