Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Cyber Security

    Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases

    justmattgBy justmattgApril 21, 2023No Comments2 Mins Read

    [ad_1]

    Apr 20, 2023Ravie LakshmananCloud Security / Vulnerability

    Alibaba Cloud PostgreSQL Databases

    A chain of two critical flaws has been disclosed in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers.

    “The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers’ PostgreSQL databases and the ability to perform a supply chain attack on both Alibaba database services, leading to an RCE on Alibaba database services,” cloud security firm Wiz said in a new report shared with The Hacker News.

    The issues, dubbed BrokenSesame, were reported to Alibaba Cloud in December 2022, following mitigations were deployed by the company on April 12, 2023. There is no evidence to suggest that the weaknesses were exploited in the wild.

    In a nutshell, the vulnerabilities – a privilege escalation flaw in AnalyticDB and a remote code execution bug in ApsaraDB RDS – made it possible to elevate privileges to root within the container, escape to the underlying Kubernetes node, and ultimately obtain unauthorized access to the API server.

    Armed with this capability, an attacker could retrieve credentials associated with the container registry from the API server and push a malicious image to gain control of customer databases belonging to other tenants on the shared node.

    Alibaba Cloud PostgreSQL Databases

    “The credentials used to pull images were not scoped correctly and allowed push permissions, laying the foundation for a supply-chain attack,” Wiz researchers Ronen Shustin and Shir Tamari said.

    This is not the first time PostgreSQL vulnerabilities have been identified in cloud services. Last year, Wiz uncovered similar issues in Azure Database for PostgreSQL Flexible Server (ExtraReplica) and IBM Cloud Databases for PostgreSQL (Hell’s Keychain).

    UPCOMING WEBINAR

    Defend with Deception: Advancing Zero Trust Security

    Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

    Save My Seat!

    The findings come as Palo Alto Networks Unit 42, in its Cloud Threat Report, revealed that “threat actors have become adept at exploiting common, everyday issues in the cloud,” including misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities and malicious open source software (OSS) packages.

    “76% of organizations don’t enforce MFA [multi-factor authentication] for console users, while 58% of organizations don’t enforce MFA for root/admin users,” the cybersecurity firm said.

    Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.



    [ad_2]

    Source link

    Previous ArticleFortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
    Next Article ‘GhostToken’ Opens Google Accounts to Permanent Infection
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑