3 matches found
CVE-2024-21381
The connected source (NCSC advisory) confirms CVE-2024-21381 affects Microsoft Azure Active Directory B2C and is categorized as a spoofing vulnerability with the practical impact described as “Pretend to be another user.” The advisory lists it under Azure Active Directory vulnerabilities with a C...
CVE-2021-42306
CVE-2021-42306 describes an information-disclosure vulnerability in Azure AD where private key data uploaded as part of a certificate in the keyCredential of an Application or Service Principal could be read by an entity with application read access in the tenant. The root cause is the handling o...
CVE-2026-45480
CVE-2026-45480 affects Azure Active Directory; improper authentication enables elevation of privileges over a network. The CVSS 3.1 score is 10.0 (CRITICAL) with network attack vector, no user interaction, and HIGH impact on confidentiality, integrity, and availability. No specific patch version ...