writeups.xyz / Roles allowing to abuse Entra ID federation for persistence and privilege escalation

Submitter : c2a

Date: 9 January 2024

Bounty : undisclosed

Vulnerabilities :

Privilege Escalation

Programs :

Microsoft (Azure AD)

Authors :

Clémentin Notin (@Cnotin)

Link :
https://medium.com/tenable-techblog/roles-allowing-to-abuse-entra-id-federation-for-persistence-and-privilege-escalation-df9ca6e58360