Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses acritical attack vector, effectively handing adversaries the keys to an organization’s cloud environment. During a recent cybersecurity assessment by Resecurity’s HUNTER Team, researchers discovered that a publicly accessible appsettings.json file had exposed the ClientId and ClientSecret of an Azure AD application, […] The post Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/azure-ad-vulnerability-leaks-credentials/
