Cosmos DB Vulnerability: Error on the Side of Caution


On August 26, Internet security firm, Wiz, announced it had found a security flaw in Microsoft Azure Cosmos DB, a global multi-model NoSQL store used by thousands of enterprises around the world.

The exploit, named “ChaosDB,” allows bad actors to access the primary keys to a Cosmos DB account. The exploit was found in the recently added Jupyter Notebook feature of Cosmos DB.

In response to this threat, Microsoft immediately disabled this feature for a full security audit.

Our Recommendation

OneNeck recommends everyone who has implemented a Cosmos DB account immediately regenerate the primary and secondary access keys. This will ensure continued data privacy.  While Microsoft doesn’t believe any customer data has been leaked, but your keys should immediately be regenerated to be safe.

If you have any questions regarding this vulnerability, we are here to help. Don’t hesitate to reach out.

Keep Moving Forward. We Have Your Back.

Get In Touch

Call Us

For general inquiries, call: 855.ONENECK

Immediate Assistance

Managed services support: 800.272.3077
Non-managed service support: 515.334.5755
Or visit our service desk:
Service Desk Portal

Chat With Us

Hours available: 24/7
Start a Chat

OneNeck Headquarters

525 Junction Road
Madison, WI 53717
View All Locations

Talk to Our Team