A critical security flaw in the Azure API Management Developer Portal enables attackers to bypass administrator controls and register accounts across multiple tenants, even when user sign-up has been explicitly disabled. The vulnerability remains unpatched as Microsoft considers it working “by design.” The Vulnerability Security researcher Mihalis Haatainen from Finnish cybersecurity firm Bountyy Oy discovered […]

The post Azure API Management Vulnerability Lets Attackers Create Accounts Across Tenants appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/azure-api-management-vulnerability-2/