
GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure

submitted by
Style Pass
2023-05-26 17:30:09

One of the top three cloud providers is Google Cloud Platform (GCP), which offers a range of services including a managed database service called CloudSQL. CloudSQL is capable of supporting three different database engines: MySQL, PostgreSQL, and SQL Server.

By their nature, databases tend to contain large amounts of information, and often contain sensitive information such as PII, Developer Secrets, and even financial data like bank accounts or credit cards. In our research, we chose to focus on CloudSQL because of its potential impact on customer data.

Many vulnerabilities have been disclosed in MySQL and PostgreSQL hosted in all three major cloud environments (GCP, AWS and Azure). Integrating these database engines into native CSP services required significant changes, and those changes exposed new risks and vulnerabilities. Unlike the other two, SQL Server is not an open-source database, so the cloud providers could not modify it. To integrate SQL Server into their environments, the cloud providers built their own security layer on top of the database engine.

To gain a better understanding of this new vulnerability and its impact, it’s important to understand how permissions are structured in SQL Server.
