Skip to main content

Azure Active Site Recovery

1 CVEs product

Monthly

CVE-2021-42306 HIGH PATCH This Week

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Microsoft Information Disclosure Azure Active Directory Azure Active Site Recovery Azure Automation +1
NVD
CVSS 3.1
8.1
EPSS
3.1%
EPSS 3% CVSS 8.1
HIGH PATCH This Week

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Microsoft Information Disclosure Azure Active Directory +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy