low

Azure AD Seamless SSO logging bypass

Published Wed, Sep 29th, 2021

Platforms

Summary

Azure Active Directory Seamless Single Sign-On feature allowed single-factor brute-force attacks against Azure AD without generating sign-in events in the targeted organization’s tenant.

Affected Services

Azure AD Seamless SSO

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks

Contributed by https://github.com/korniko98

Entry Status

Finalized

Disclosure Date

Tue, Jun 29th, 2021

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Secureworks

More vulnerabilities...

low

Exfiltrate data via the logs of GCP Org policy

Upon blocking a request, GCP Org policy constraints were logging the deny logs in Principal''s project and the blocking project. An attacker could use those logs to exfiltrate any data, by making r...

Jonathan Rault, TrustOnCloudSep 22, 2021

low

Predictible seed in Anthos Identity Service LDAP module

A vulnerability was discovered in the Anthos Identity Service (AIS) LDAP module of Anthos clusters on VMware versions 1.8 and 1.8.1 where a seed key used in generating keys is predictable. With thi...

Sep 22, 2021

high

AWS Workspace client RCE

If a user with AWS WorkSpaces 3.0.10-3.1.8 installed visits a page in their web browser with attacker controlled content, the attacker can get zero click RCE under common circumstances.

David Yesland, Rhino SecuritySep 21, 2021

View all