Microsoft Azure Cosmos DB Vulnerability
Incident Report for AppRiver
Resolved
This incident has been resolved.
Posted Oct 20, 2021 - 15:20 CDT
Monitoring
Summary:
On August 27, 2021, we learned of vulnerabilities with Microsoft’s Azure Cosmos DB that was discovered by the Wiz research team. The issue is described at https://chaosdb.wiz.io/ . Wiz explains how, “If the database is not internet facing then the data cannot be accessed remotely.” Microsoft’s notice to customers states, “Azure Cosmos DB accounts with a vNET or firewall enabled are protected by additional security mechanisms that prevent risk of unauthorized access.”

Microsoft has not notified Zix that it has been impacted. Zix’s use of Cosmos DB is not internet facing and has security enabled around it. Moreover, we have found no evidence of malicious activity.

Remedy:
In an abundance of caution, we have implemented the mitigation steps recommended by Microsoft. We have asked Microsoft for additional updates and guidance.

Action:
The mitigation steps have been implemented without the need for any customer action.

We encourage you to regularly evaluate your security and implement additional safeguards as appropriate.
Posted Aug 27, 2021 - 16:58 CDT
This incident affected: Office 365.