Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog
Tags
| cmtmf-attack-pattern: | Native Code |
| attack-pattern: | Data Direct Model Models Cloud Services - T1021.007 Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 7e93a7df-1c7c-4f19-8a80-093b0e4d02ee |
| Fingerprint | fd1ab952853857c1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 29, 2022, 1:12 a.m. |
| Added to db | Nov. 19, 2023, 6:14 a.m. |
| Last updated | Nov. 17, 2024, 12:58 p.m. |
| Headline | Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL |
| Title | Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog |
| Detected Hints/Tags/Attributes | 58/2/20 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 398 | ✔ | Wiz Blog | RSS feed | https://www.wiz.io/blog/rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | wiz-research.com |
|
| Details | Domain | 1 | replication.eee03a2acfe6.database.azure.com.wiz-research.com |
|
| Details | Domain | 3 | alice.com |
|
| Details | Domain | 5 | bob.com |
|
| Details | Domain | 2 | azuresu.eee03a2acfe6.database.azure.com |
|
| Details | Domain | 2 | rl.eee03a2acfe6.prod.osdb.azclient.ms |
|
| Details | Domain | 2 | replication.eee03a2acfe6.database.azure.com |
|
| Details | Domain | 12 | digicert.com |
|
| Details | Domain | 1 | replication.ebe6ed51328f.database.azure.com.wiz-research.com |
|
| Details | Domain | 2 | wizresearch-target-1.postgres.database.azure.com |
|
| Details | Domain | 41 | wiz.io |
|
| Details | 24 | research@wiz.io |
||
| Details | File | 2 | eee03a2acfe6.dat |
|
| Details | File | 2 | postgresql.cer |
|
| Details | File | 1 | ebe6ed51328f.dat |
|
| Details | File | 3 | postgres.dat |
|
| Details | IPv4 | 132 | 10.0.0.0 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | IPv4 | 81 | 172.16.0.0 |
|
| Details | IPv4 | 124 | 192.168.0.0 |