Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft azure active directory vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2024-21381
Microsoft Azure Active Directory B2C Spoofing Vulnerability
Microsoft Azure Active Directory -
5.3
CVSSv3
CVE-2023-51663
Hail is an open-source, general-purpose, Python-based data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect (OIDC) email addresses from ID tokens to verify the validity of a user's domain, but because users hav...
Hail Hail
6.5
CVSSv3
CVE-2023-36871
Azure Active Directory Security Feature Bypass Vulnerability
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
5.3
CVSSv3
CVE-2022-23551
aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash...
Microsoft Azure Ad Pod Identity
8.1
CVSSv3
CVE-2021-42306
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential? on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a use...
Microsoft Azure Migrate
Microsoft Azure Active Site Recovery
Microsoft Azure Automation
Microsoft Azure Active Directory
1 Github repository
1 Article
10
CVSSv3
CVE-2021-37705
OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To be...
Microsoft Onefuzz
7.1
CVSSv3
CVE-2021-36949
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
Microsoft Azure Active Directory Connect Provisioning Agent
Microsoft Azure Active Directory Connect
5.5
CVSSv3
CVE-2021-1677
Azure Active Directory Pod Identity Spoofing Vulnerability
Microsoft Azure Kubernetes Service -
1 Article
4.3
CVSSv3
CVE-2019-1172
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would...
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
1 Article
8.8
CVSSv3
CVE-2019-1258
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated malicious user to perform actions in context of another user. The authenticated atta...
Microsoft Active Directory Authentication Library 5.0.3
Microsoft Active Directory Authentication Library 5.0.2
Microsoft Active Directory Authentication Library 5.0.1
Microsoft Active Directory Authentication Library 5.0.0
Microsoft Active Directory Authentication Library
Microsoft Nuget 5.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »