CVE-2021-42306
CVE-2021-42306 describes an information-disclosure vulnerability in Azure AD where private key data uploaded as part of a certificate in the keyCredential of an Application or Service Principal could be read by an entity with application read access in the tenant. The root cause is the handling o...