List Vulnerable App Regs

Description

Lists Azure AD app registrations that may be affected by CVE-2021-42306 by inspecting stored key credentials. Optionally exports the findings to a CSV file in Azure Storage.

Location

Organization → Security → List Vulnerable App Regs

Full Runbook name

rjgit-org_security_list-vulnerable-app-regs

Permissions

Application permissions

• Type: Microsoft Graph

  • DeviceManagementManagedDevices.Read.All

Parameters

ExportToFile

"List in Console" (final value: $false) or "Export to a CSV file" (final value: $true) can be selected as action to perform. The export saves the findings to a CSV file in Azure Storage.

ContainerName

Name of the Azure Storage container to upload the CSV report to.

ResourceGroupName

Name of the Azure Resource Group containing the Storage Account.

StorageAccountName

Name of the Azure Storage Account used for upload.

StorageAccountLocation

Azure region for the Storage Account if it needs to be created.

StorageAccountSku

SKU name for the Storage Account if it needs to be created.

Back to Runbook Reference overview