low

Azure AD Seamless SSO logging bypass

Published Wed, Sep 29th, 2021

Platforms

Summary

Azure Active Directory Seamless Single Sign-On feature allowed single-factor brute-force attacks against Azure AD without generating sign-in events in the targeted organization’s tenant.

Affected Services

Azure AD Seamless SSO

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks

Contributed by https://github.com/korniko98

Disclosure Date

Tue, Jun 29th, 2021

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Secureworks

More vulnerabilities...

low

Exfiltrate data via the logs of GCP Org policy

Upon blocking a request, GCP Org policy constraints were logging the deny logs in Principal''s project and the blocking project. An attacker could use those logs to exfiltrate any data, by making r...

Jonathan Rault, TrustOnCloud

Wed, Sep 22nd, 2021

high

AWS Workspace client RCE

If a user with AWS WorkSpaces 3.0.10-3.1.8 installed visits a page in their web browser with attacker controlled content, the attacker can get zero click RCE under common circumstances.

David Yesland, Rhino Security

Tue, Sep 21st, 2021

medium

GCP IAP bypass

Convincing a victim to click a specially crafted link would allow the attacker to bypass the Identity-Aware Proxy (a core component of BeyondCorp).

Unknown

Fri, Sep 17th, 2021

View all