TTCSIRT-217.070919: TT-CSIRT Advisory – Microsoft Security Updates
Microsoft has released a security update stating that an elevation of privilege vulnerability exists in Azure Automation “RunAs account” runbooks for users with contributor role. This could potentially allow members of an organization to access Key Vault secrets through a runbook, even if these members would personally not have access to that Key Vault.
To exploit this vulnerability, an attacker must be a member of an organization who can run runbooks, with only global admins/co-admins who can create the “run as” account.
|Further information on this vulnerability and how it can be mitigated can be found on the Microsoft Website at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0962|