Back to directory
WRITEUP #2742

Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL

Privilege EscalationCross-tenant vulnerabilityAuthentication bypassCloud
by@shirtamari(Shir Tamari)
Program
Microsoft
Published
Apr 28, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat