Security News > 2019 > December > Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

2019-12-02 21:00

The Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.

News URL

https://threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/

#azure #microsoft #oauth #takeover

Related news

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach (source)
Attackers phish OAuth codes, take over Microsoft 365 accounts (source)
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		383	52	1433	2959	181	4625

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.