Wiz, a cloud security company launched by Microsoft veterans, had discovered an Azure vulnerability that allows malicious actors to replicate and gain read access to PostgreSQL Flexible Server customer databases. The company originally disclosed the vulnerability, dubbed "ExtraReplica," to Microsoft in January 2022.To exploit ExtraReplica, a malicious actor can:Microsoft confirmed that ExtraReplica has been mitigated and no action is required by Azure customers. In addition, Microsoft indicated it is not aware of any attempts to exploit the vulnerability.
- Choose a target PostgreSQL Flexible Server.
- Retrieve their target's common name from the Certificate Transparency feed and purchase a specially crafted certificate from DigiCert or a DigiCert Intermediate Certificate Authority.
- Locate their target's Azure region by resolving the database domain name and matching it to an Azure public IP range and creating an attacker-controlled database in their target's Azure region.
- Exploit the vulnerability to escalate privileges across an instance or scan a subnet for a target instance to gain read access.




