CVE-2024-27086

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

Denial Of Service (DoS)

microsoft.identity.client is vulnerable to Denial of Service. The vulnerability is due to an incorrect activity export configuration, allowing a malicious application on the same Android device to interfere with the authentication processes. This vulnerability is only exploitable to applications...

CVE-2024-27086

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

!IMPORTANT ONLY applications targeting Xamarin Android and .NET Android MAUI are impacted. All others can safely dismiss this CVE. Impact MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.3 inclusive, except 4.59.1 and 4.60....

Improper Export of Android Application Components

Overview Affected versions of this package are vulnerable to Improper Export of Android Application Components in AuthenticationAgentActivity.cs, which can allow denial of service to applications on the same device using MSAL.NET for authentication. A malicious application installed by the victim...

GHSA-X674-V45J-FWXW MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

!IMPORTANT ONLY applications targeting Xamarin Android and .NET Android MAUI are impacted. All others can safely dismiss this CVE. Impact MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.3 inclusive, except 4.59.1 and 4.60....

CVE-2024-27086 MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

CVE-2024-27086 MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

CVE-2024-27086

MSAL.NET for Xamarin Android and .NET Android (MAUI) is affected when using versions 4.48.0–4.60.0, due to an incorrect activity export configuration that can allow a local attacker on the device to cause a denial of service and block user login to affected apps. The vulnerability is classed as L...

CVE-2024-27086 MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...