Vulnerability in Azure Active Directory Authentication Library
High severity
GitHub Reviewed
Published
Aug 16, 2019
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Package
Affected versions
>= 5.0.0, <= 5.1.1
Patched versions
5.2.0
Description
Reviewed
Aug 15, 2019
Published to the GitHub Advisory Database
Aug 16, 2019
Last updated
Jan 9, 2023
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'.
References