{"id":46406,"date":"2022-04-28T22:23:17","date_gmt":"2022-04-28T22:23:17","guid":{"rendered":"https:\/\/www.darkreading.com\/cloud\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql"},"modified":"2022-04-28T22:23:17","modified_gmt":"2022-04-28T22:23:17","slug":"microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/","title":{"rendered":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Microsoft has patched a dangerous pair of vulnerabilities in its Azure Database for PostgreSQL Flexible Server that gave attackers unauthorized cross-account access to databases in cloud hosted environments.<\/p>\n<p>The first is a privilege escalation bug in a modification that Microsoft made to the PostgreSQL engine. The second is a bug that leverages the privilege escalation enabled by the former to give attackers cross-account access.<\/p>\n<p>Threat actors could have used the flaws to bypass authentication mechanisms and gain full access to customer data across multiple databases in a region without leaving any trace of their presence, researchers from cloud security vendor Wiz Research recently discovered.<\/p>\n<p>&#8220;An attacker could create a full copy of a target database in Azure PostgreSQL [Flexible Server], essentially exfiltrating all the information stored in the database,&#8221; says Ami Luttwak, co-founder and CTO at Wiz. The vulnerabilities would have allowed attackers to bypass firewalls configured to protect the hosted databases unless an organization had configured it for private access only. &#8220;But this is not the default configuration,&#8221; Luttwak says.<\/p>\n<p>In an advisory Thursday, Microsoft described the security issue as impacting organizations that had deployed their PostgreSQL Flexible Server instances using the public access networking option. The company said it mitigated the issue on Jan. 13, 2022, less than 48 hours after Wiz had notified it of the issue. Microsoft said its analysis showed <a href=\"https:\/\/msrc-blog.microsoft.com\/2022\/04\/28\/azure-database-for-postgresql-flexible-server-privilege-escalation-and-remote-code-execution\" target=\"_blank\" rel=\"noopener\">no evidence of attackers having exploited the vulnerabilities<\/a> to access customer data. Though organizations using the service need not take any action, Microsoft recommended they enable private network access for their Flexible Server instances to minimize exposure to similar issues.<\/p>\n<p>Luttwak says vulnerabilities like these highlight why organizations need to have a defense in depth security model when deploying and running cloud workloads. He says, &#8220;Here, a simple developer mistake \u2014 a wrong prefix validation \u2014 led to a potential ability for attackers to gain access to customer data.&#8221; The only way to mitigate such risks is to have multiple layers of protection so a single bug does not allow for a compromise, Luttwak says.<\/p>\n<p>The Wiz researchers found the bugs as part of a wider research effort to find <a href=\"https:\/\/www.wiz.io\/blog\/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql\/\" target=\"_blank\" rel=\"noopener\">cross-account access vulnerabilities<\/a> in cloud services. These are a class of vulnerabilities that essentially give attackers a way to break through tenant isolation mechanisms in cloud environments to access other customer accounts and data. Wiz&#8217;s effort follows the company&#8217;s discovery in August 2021 of a critical vulnerability \u2014 dubbed ChaosDB \u2014 in Microsoft&#8217;s Azure Cosmos DB that gave the company <a href=\"https:\/\/www.wiz.io\/blog\/chaosdb-how-we-hacked-thousands-of-azure-customers-databases\/\" target=\"_blank\" rel=\"noopener\">unrestricted access to databases and accounts<\/a> belonging to thousands of customers of the Azure service, many of whom were Fortune 500 companies.<\/p>\n<p>&#8220;Following the ChaosDB vulnerability we disclosed last year, we specifically focused on cloud-managed databases as they pose the most risk holding sensitive customer data,&#8221; Luttwak notes.<\/p>\n<p><strong>Cross-Account Access Flaws in the Cloud<\/strong><br \/>Wiz decided to focus on Azure PostgreSQL Flexible Server because it is a widely used cloud managed database service, where the database instances run in an internal cloud environment owned by the service provider. The researchers began by trying to figure out a way to escalate privileges within their own PostgreSQL Flexible Server instance and discovered a vulnerability in some modifications that Microsoft had made to the engine ostensibly to harden its privilege model.<\/p>\n<p>&#8220;The privilege escalation bug is not a PostgreSQL vulnerability, but rather is a result of modifications Azure introduced to the PostgreSQL engine on their end,&#8221; Luttwak says. &#8220;It&#8217;s likely these modifications were introduced to help Azure better manage customers&#8217; instances and reduce friction.&#8221;<\/p>\n<p>Once the researchers gained code execution privileges on their PostgreSQL Flexible Server instance, they found they had network access to other accounts within the subnet via their internal network interface. To test whether the access would work, the researchers created another PostgreSQL Flexible instance using a separate account and tried accessing it from their first database. When that worked, they looked for a way to similarly use their instance to access other accounts without authenticating to them. This led to the discovery of a vulnerability that allowed them to do just that, using a forged certificate.<\/p>\n<p>Luttwak explains the exploit as leveraging an Azure high availability function that uses PostgreSQL&#8217;s replication feature to replicate databases between servers.<\/p>\n<p>&#8220;The replication service connects to the database instance and has the permissions to replicate it to other nodes&#8221; via a shared network, he says. Wiz researchers found they could get complete copies of other databases by authenticating as the replication service to other PostgreSQL instances using a certificate issued to an arbitrary domain rather than Azure&#8217;s replication service certificate.<\/p>\n<p>&#8220;We didn&#8217;t actually achieve access to the replication service certificate,&#8221; Luttwak says. &#8220;But we found a way to bypass [it] since the PostgreSQL was only looking for a private key with a certain prefix.&#8221;<\/p>\n<p>That allowed Wiz to simply create a legitimate-looking certificate that passed the authentication, Luttwak notes.<\/p>\n<p>He says the two \u2014 now patched \u2014 vulnerabilities would have needed to be chained to have significant impact. That&#8217;s because the first vulnerability only provides local access to a database instance. But without it, an attacker would not have the privileges required for cross-account access.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/cloud\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Flaws gave attackers a way to access other cloud accounts and databases, security vendor says.Read More <a href=\"https:\/\/www.darkreading.com\/cloud\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-46406","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-28T22:23:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL\",\"datePublished\":\"2022-04-28T22:23:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/\"},\"wordCount\":866,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt8ccbb84c5b119826\\\/626b0c99e9dae965bdbca9c2\\\/azure_Burdun_Iliya_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/\",\"name\":\"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt8ccbb84c5b119826\\\/626b0c99e9dae965bdbca9c2\\\/azure_Burdun_Iliya_shutterstock.jpg\",\"datePublished\":\"2022-04-28T22:23:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt8ccbb84c5b119826\\\/626b0c99e9dae965bdbca9c2\\\/azure_Burdun_Iliya_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt8ccbb84c5b119826\\\/626b0c99e9dae965bdbca9c2\\\/azure_Burdun_Iliya_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-04-28T22:23:17+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL","datePublished":"2022-04-28T22:23:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/"},"wordCount":866,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/","name":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg","datePublished":"2022-04-28T22:23:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt8ccbb84c5b119826\/626b0c99e9dae965bdbca9c2\/azure_Burdun_Iliya_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-patches-pair-of-dangerous-vulnerabilities-in-azure-postgresql\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46406"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46406\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}