{"vulnerability": "CVE-2021-4230", "sightings": [{"uuid": "6f97c8e3-aaaa-4ae7-a340-62ffd1ffbde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42306", "type": "published-proof-of-concept", "source": "https://t.me/cloud_sec/242", "content": "\ud83d\udd37 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory\n\nAnother security issue discovered in Azure: due to a misconfiguration, Automation Account \"Run as\" credentials (PFX certificates) were being stored in cleartext in Azure Active Directory (AAD).\n\nhttps://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/ \n \n#azure", "creation_timestamp": "2021-11-22T06:27:10.000000Z"}, {"uuid": "e2472ca8-9ccf-4f6c-a4db-a4c22c8ca23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4230", "type": "seen", "source": "https://t.me/cibsecurity/43282", "content": "\u203c CVE-2021-4230 \u203c\n\nA vulnerability has been found in Airfield Online and classified as problematic. This vulnerability affects the path /backups/ of the MySQL backup handler. An attacker is able to get access to sensitive data without proper authentication. It is recommended to the change the configuration settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T20:37:07.000000Z"}, {"uuid": "d372a148-a7c4-4fe0-8eec-94bda7fc97f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42304", "type": "seen", "source": "https://t.me/cibsecurity/32135", "content": "\u203c CVE-2021-42304 \u203c\n\nAzure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T07:41:48.000000Z"}, {"uuid": "3fe2ef09-ca95-446c-bbed-e8d48dcef3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42303", "type": "seen", "source": "https://t.me/cibsecurity/32135", "content": "\u203c CVE-2021-42304 \u203c\n\nAzure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T07:41:48.000000Z"}, {"uuid": "93127f7c-8857-421b-9cc2-0bbb4ce9a474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42302", "type": "seen", "source": "https://t.me/cibsecurity/32135", "content": "\u203c CVE-2021-42304 \u203c\n\nAzure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T07:41:48.000000Z"}, {"uuid": "d781778a-0639-4859-bae8-d0f2380460ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42306", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4782", "content": "#Offensive_security\n1. CVE-2021-42306 CredManifest:\nApp Registration Certificates Stored in Azure AD\nhttps://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest\n2. Windows Security Updates for Hackers\nhttps://bitsadm.in/blog/windows-security-updates-for-hackers", "creation_timestamp": "2021-11-18T13:13:22.000000Z"}, {"uuid": "0c06c35c-efdd-49ba-8a41-cb70cf01ef11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42306", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/11/guidance-for-azure-active-directory-ad-keycredential-property-information-disclosure-in-application-and-service-principal-apis/", "content": "", "creation_timestamp": "2021-11-17T07:00:00.000000Z"}, {"uuid": "3f76b29a-ca46-4f1d-a0bc-d770f942aa68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42307", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11711", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-42307\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability\n\ud83d\udccf Published: 2023-06-30T23:08:37.767Z\n\ud83d\udccf Modified: 2025-04-14T22:46:49.741Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42307", "creation_timestamp": "2025-04-14T22:53:33.000000Z"}, {"uuid": "c7c5d3b9-f741-4fe0-b35f-ba39024726fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42307", "type": "seen", "source": "https://t.me/cibsecurity/65841", "content": "\u203c CVE-2021-42307 \u203c\n\nMicrosoft Edge (Chromium-based) Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:49.000000Z"}]}