Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege,
Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL.
« An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens, » Secureworks Counter Threat Unit (
« An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens, » Secureworks Counter Threat Unit (
,
Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL.
« An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens, » Secureworks Counter Threat Unit (
« An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens, » Secureworks Counter Threat Unit (
, ,
https://thehackernews.com/2023/08/experts-uncover-how-cybercriminals.html