Skip to content
Techzine Global
  • Home
  • Topstories
  • Topics
    • Analytics
    • Applications
    • Collaboration
    • Data Management
    • Devices
    • Devops
    • Infrastructure
    • Privacy & Compliance
    • Security
  • Insights
    • All Insights
    • Agentic AI
    • Analytics
    • Cloud ERP
    • Generative AI
    • IT in Retail
    • NIS2
    • RSAC 2025 Conference
    • Security Platforms
    • SentinelOne
  • More
    • Become a partner
    • About us
    • Contact us
    • Terms and conditions
    • Privacy Policy
  • Techzine Global
  • Techzine Netherlands
  • Techzine Belgium
  • Techzine TV
  • ICTMagazine Netherlands
  • ICTMagazine Belgium
Techzine » News » Security » Serious Azure Active Directory vulnerability resolved by Microsoft
2 min Security

Serious Azure Active Directory vulnerability resolved by Microsoft

Erik van KlinkenJune 21, 2023 12:07 pmJune 21, 2023
Serious Azure Active Directory vulnerability resolved by Microsoft

Microsoft has fixed an exploit in Azure Active Directory (AD) authentication. The vulnerability allowed intruders to escalate account privileges and control the entire account.

Organizations deploy Azure AD to control user access. Examples include providing the backend for Office 365 users or centralising authentication between on-prem and cloud-based environments.

nOAuth

The misconfiguration has been called nOAuth by Descope, the party that discovered the vulnerability. AD OAuth applications that use email claims to generate access tokens are at risk. The process for exploitation sounds as simple as it is worrisome. A threat actor’s Azure AD admin account need only have a target’s email address for reference to log into a vulnerable application. From then on, privileges can be escalated, including lateral movement within the affected environment.

In a blog, Descope identifies where things went wrong with Azure AD’s configuration. The email claim is mutable and does not require authentication to count as an identifier. Microsoft already discouraged users from using email for login, according to Descope.

Vulnerable

Descope does not name the targets by name, but speaks of “several major applications” that were exploited. This included a design app with millions of monthly users, a publicly traded customer experience company and a multi-cloud consulting firm. Administrators of vulnerable applications can turn to Descope’s “Suggested remediation steps” for help.

Given Azure AD’s massive market share within the identity and access management world (27.53 percent according to 6sense), such a vulnerability could potentially do a considerable amount of damage. However, Microsoft has already contacted vulnerable parties behind the scenes after it received word from Descope about the exploit on April 11.

Also read: Microsoft Bing penetrated through misconfiguration in Azure Active Directory

Tags:

account privileges / Azure Active Directory / vulnerability

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Stay tuned, subscribe!

Nieuwsbrieven*

Related

Microsoft fixes record number of vulnerabilities: 570

How Microsoft scales Azure Kubernetes Service for OpenAI

Microsoft sued over Azure reporting

Microsoft scales up Azure Local to a sovereign cloud, or does it?

Editor picks

SimpliVity to Private Cloud AI: how HPE’s stack fits together

HPE is reshaping its entire private cloud portfolio around a single o...

ASML High-NA EUV now mass-produces Intel 3 chips

On Wednesday, ASML raised its revenue forecast for the second time th...

No backdoors, no excuses: Cisco bets big on sovereign infrastructure

At Cisco Live in Las Vegas, Techzine TV spoke with Gordon Thomson, pr...

The unexpected consequences of digital sovereignty

There were good reasons for organizations to embrace the cloud. Now c...

Techzine.tv

How Nutanix is tackling multi-cloud Kubernetes and AI workloads

How Nutanix is tackling multi-cloud Kubernetes and AI workloads

How vCluster virtualizes Kubernetes for GPU efficiency

How vCluster virtualizes Kubernetes for GPU efficiency

Why OpenSearch doubled downloads under open governance

Why OpenSearch doubled downloads under open governance

How New Orleans monitors 2,000+ cameras in real time

How New Orleans monitors 2,000+ cameras in real time

Read more on Security

HPE iLO Security: From remote management to quantum-safe security
Top story

HPE iLO Security: From remote management to quantum-safe security

HPE's iLO management controller is far more than a remote access tool, it is the cornerstone of server securi...

Coen van Eenbergen July 3, 2026
CrowdStrike buys XM Cyber IP, brings Falcon to STACKIT cloud

CrowdStrike buys XM Cyber IP, brings Falcon to STACKIT cloud

CrowdStrike is deepening its ties with Schwarz Digits. The security vendor will acquire the intellectual prop...

Erik van Klinken 4 hours ago
Dawnguard promises true shift-left: “The only solution is to build something that isn’t vulnerable”
Top story

Dawnguard promises true shift-left: “The only solution is to build something that isn’t vulnerable”

Cybersecurity starts at the foundation. And in many cases, that’s the underlying architecture or code. If i...

Sander Almekinders July 1, 2026
Sandworm uses ClickFix against Ukrainian organizations

Sandworm uses ClickFix against Ukrainian organizations

The Russian state-sponsored hacking group Sandworm is now using the ClickFix attack technique to infect organ...

Mels Dees 13 hours ago

Expert Talks

AMD “Helios”: Building rack-scale AI Infrastructure for EMEA Enterprises

AMD “Helios”: Building rack-scale AI Infrastructure for EMEA Enterprises

AMD recently introduced the “Helios” rack-scale AI architecture, ...

Taking the right lessons from AI success stories

Taking the right lessons from AI success stories

While a lot of the current narratives around AI focus on stalled...

Why traditional security can’t protect your enterprise against AI threats

Today’s AI tools are a boon for many businesses, boosting efficienc...

Power critical workloads with all-NVMe active-active storage for non-stop enterprise operations 

Enterprise infrastructure has reached a turning point where planned d...

Tech calendar

GOTO Copenhagen 2026

September 28, 2026 TAP1, Raffinaderivej 10, 2300 København S, Denmark

Whitepapers

Experience Synology’s latest enterprise backup solution

Experience Synology’s latest enterprise backup solution

How do you ensure your company data is both secure and quickly recove...

How to choose the right Enterprise Linux platform?

How to choose the right Enterprise Linux platform?

"A Buyer's Guide to Enterprise Linux" comprehensively analyzes the mo...

Enhance your data protection strategy for 2025

The Data Protection Guide 2025 explores the essential strategies and...

Strengthen your cybersecurity with DNS best practices

The white paper "DNS Best Practices" by Infoblox presents essential g...

Techzine Global

Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.

Follow us

Twitter
LinkedIn
YouTube

© 2026 Dolphin Publications B.V.
All rights reserved.

Techzine Service

  • Become a partner
  • Advertising
  • About Us
  • Contact
  • Terms & Conditions
  • Privacy Statement