# List Vulnerable App Regs ### Description Lists Azure AD app registrations that may be affected by CVE-2021-42306 by inspecting stored key credentials. Optionally exports the findings to a CSV file in Azure Storage. ### Location Organization → Security → List Vulnerable App Regs **Full Runbook name** rjgit-org\_security\_list-vulnerable-app-regs ### Permissions #### Application permissions * **Type**: Microsoft Graph * DeviceManagementManagedDevices.Read.All ### Parameters #### ExportToFile "List in Console" (final value: $false) or "Export to a CSV file" (final value: $true) can be selected as action to perform. The export saves the findings to a CSV file in Azure Storage. | Property | Value | | ------------- | ------- | | Required | false | | Default Value | False | | Type | Boolean | #### ContainerName Name of the Azure Storage container to upload the CSV report to. | Property | Value | | ------------- | ------ | | Required | false | | Default Value | | | Type | String | #### ResourceGroupName Name of the Azure Resource Group containing the Storage Account. | Property | Value | | ------------- | ------ | | Required | false | | Default Value | | | Type | String | #### StorageAccountName Name of the Azure Storage Account used for upload. | Property | Value | | ------------- | ------ | | Required | false | | Default Value | | | Type | String | #### StorageAccountLocation Azure region for the Storage Account if it needs to be created. | Property | Value | | ------------- | ------ | | Required | false | | Default Value | | | Type | String | #### StorageAccountSku SKU name for the Storage Account if it needs to be created. | Property | Value | | ------------- | ------ | | Required | false | | Default Value | | | Type | String | [Back to Runbook Reference overview](/automation/runbooks/runbook-references.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-vulnerable-app-regs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.