Tenable, which initially discovered and reported the shortcoming to Redmond on March 30, 2023, said the problem could enable limited, unauthorized access to cross-tenant applications and sensitive data. The company further noted that no customer action is required and that it found no evidence of active exploitation of the vulnerability in the wild. "The potential impact could be unintended information disclosure if secrets or other sensitive information were embedded in the Custom Code function." "The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors," the tech giant said. Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |