Security
Headlines
HeadlinesLatestCVEs

Headline

Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs

Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentialsproperty of an Azure Active Directory (Azure AD) Applicationand/or Service Principal, and prevent reading of private key data previously stored in the keyCredentials property. The keyCredentials property is used to configure an application’s authentication credentials.

msrc-blog
#microsoft#auth

msrc-blog: Latest News

Securing AI and Cloud with the Zero Day Quest