Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog
Tags
| cmtmf-attack-pattern: | Native Code |
| attack-pattern: | Data Direct Model Models Cloud Services - T1021.007 Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | fd7aa0df-abab-4aef-a58b-98685e8f7e48 |
| Fingerprint | f91ab9529d3057c1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 29, 2022, 1:12 a.m. |
| Added to db | Oct. 23, 2023, 1:24 a.m. |
| Last updated | Nov. 17, 2024, 12:58 p.m. |
| Headline | Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL |
| Title | Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog |
| Detected Hints/Tags/Attributes | 60/2/18 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | wiz-research.com |
|
| Details | Domain | 2 | replication.eee03a2acfe6.database.azure.com |
|
| Details | Domain | 3 | alice.com |
|
| Details | Domain | 5 | bob.com |
|
| Details | Domain | 2 | azuresu.eee03a2acfe6.database.azure.com |
|
| Details | Domain | 2 | rl.eee03a2acfe6.prod.osdb.azclient.ms |
|
| Details | Domain | 12 | digicert.com |
|
| Details | Domain | 1 | database.azure.com.wiz-research.com |
|
| Details | Domain | 2 | wizresearch-target-1.postgres.database.azure.com |
|
| Details | Domain | 41 | wiz.io |
|
| Details | 24 | research@wiz.io |
||
| Details | File | 2 | eee03a2acfe6.dat |
|
| Details | File | 2 | postgresql.cer |
|
| Details | File | 3 | postgres.dat |
|
| Details | IPv4 | 132 | 10.0.0.0 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | IPv4 | 81 | 172.16.0.0 |
|
| Details | IPv4 | 124 | 192.168.0.0 |