Improper Access Control
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Cosmos DB account configuration does not explicitly disable `access_key_metadata_writes_enabled`, so access key write operations remain allowed. This increases the risk of unauthorized key changes or exposure.
Impact
If exploited, attackers could modify or rotate database access keys, potentially gaining unauthorized access or disrupting services. This can lead to data breaches, loss of control over database access, and compromise of sensitive information.
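The check from the Description, sketched as an added example (not this rule's own implementation): it assumes the configuration is Terraform using the azurerm provider's `azurerm_cosmosdb_account` resource, and flags every account where `access_key_metadata_writes_enabled` is missing or anything other than `false`. The sample configuration and resource names are constructed.

```python
import re

# Assumption: Terraform HCL with the azurerm provider's Cosmos DB account resource.
RESOURCE_RE = re.compile(r'resource\s+"azurerm_cosmosdb_account"\s+"([^"]+)"\s*\{')
ATTR_RE = re.compile(r'^\s*access_key_metadata_writes_enabled\s*=\s*(\S+)', re.M)

def own_arguments(text, open_idx):
    """Return the block's depth-1 text from the '{' at open_idx, nested blocks dropped."""
    depth, out = 0, []
    for ch in text[open_idx:]:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                return "".join(out)
        elif depth == 1:
            out.append(ch)
    raise ValueError("unbalanced braces")

def find_unprotected_accounts(hcl):
    """List (resource name, reason) for accounts that do not set the argument to false."""
    findings = []
    for m in RESOURCE_RE.finditer(hcl):
        attr = ATTR_RE.search(own_arguments(hcl, m.end() - 1))
        if attr is None:
            findings.append((m.group(1), "not set"))  # omitted: not explicitly disabled
        elif attr.group(1) != "false":
            findings.append((m.group(1), f"set to {attr.group(1)}"))
    return findings

# Constructed sample, trimmed to the arguments that matter for the check.
SAMPLE = '''
resource "azurerm_cosmosdb_account" "default_on" {
  name = "example-a"
  consistency_policy {
    consistency_level = "Session"
  }
}
resource "azurerm_cosmosdb_account" "explicit_on" {
  name                               = "example-b"
  access_key_metadata_writes_enabled = true
}
resource "azurerm_cosmosdb_account" "hardened" {
  name                               = "example-c"
  access_key_metadata_writes_enabled = false
}
'''
```

Values supplied through variables or locals are reported as set to the expression text, so they still surface for manual review; braces inside comments are not handled.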