Posted November 17, 20213 yr Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentials property of an Azure Active Directory (Azure AD) Application and/or Service Principal, and prevent reading of private key data previously stored in the keyCredentials property.The keyCredentials property is used to configure an … Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs Read More » Continue reading...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.