An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'.
4.9CVSS
5.9AI Score
0.001EPSS
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the ...
8.1CVSS
6.3AI Score
0.003EPSS
7.8CVSS
8.1AI Score
0.0004EPSS