{"vulnerability": "CVE-2021-42306", "sightings": [{"uuid": "0c06c35c-efdd-49ba-8a41-cb70cf01ef11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42306", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/11/guidance-for-azure-active-directory-ad-keycredential-property-information-disclosure-in-application-and-service-principal-apis/", "content": "", "creation_timestamp": "2021-11-17T07:00:00.000000Z"}, {"uuid": "6f97c8e3-aaaa-4ae7-a340-62ffd1ffbde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42306", "type": "published-proof-of-concept", "source": "https://t.me/cloud_sec/242", "content": "\ud83d\udd37 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory\n\nAnother security issue discovered in Azure: due to a misconfiguration, Automation Account \"Run as\" credentials (PFX certificates) were being stored in cleartext in Azure Active Directory (AAD).\n\nhttps://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/ \n \n#azure", "creation_timestamp": "2021-11-22T06:27:10.000000Z"}, {"uuid": "d781778a-0639-4859-bae8-d0f2380460ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42306", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4782", "content": "#Offensive_security\n1. CVE-2021-42306 CredManifest:\nApp Registration Certificates Stored in Azure AD\nhttps://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest\n2. Windows Security Updates for Hackers\nhttps://bitsadm.in/blog/windows-security-updates-for-hackers", "creation_timestamp": "2021-11-18T13:13:22.000000Z"}]}