zCat on Nostr: Low-Code, High Risk: Millions of Records Exposed via Misconfigured Microsoft Power ...
Low-Code, High Risk: Millions of Records Exposed via Misconfigured Microsoft Power Pages
Researchers have discovered multiple misconfigured implementations of Microsoft Power Pages, and suspect the problem may be widespread.
The problem is purely a configuration issue, and not a Microsoft issue. In fact, the MS product displays numerous banner warnings when it notes potential configuration concerns. What Microsoft cannot do is ensure that its users respond to the warnings.
Since the problems are not down to Microsoft code, but the users’ use of that code, AppOmni has not reported its findings directly to Microsoft because there is nothing for Microsoft to fix. The firm has however, reported its findings to all the affected companies it has discovered – and all the discovered misconfigurations have now been fixed.
See more: https://www.securityweek.com/low-code-high-risk-millions-of-records-exposed-via-misconfigured-microsoft-power-pages/
#cybersecurity
Researchers have discovered multiple misconfigured implementations of Microsoft Power Pages, and suspect the problem may be widespread.
The problem is purely a configuration issue, and not a Microsoft issue. In fact, the MS product displays numerous banner warnings when it notes potential configuration concerns. What Microsoft cannot do is ensure that its users respond to the warnings.
Since the problems are not down to Microsoft code, but the users’ use of that code, AppOmni has not reported its findings directly to Microsoft because there is nothing for Microsoft to fix. The firm has however, reported its findings to all the affected companies it has discovered – and all the discovered misconfigurations have now been fixed.
See more: https://www.securityweek.com/low-code-high-risk-millions-of-records-exposed-via-misconfigured-microsoft-power-pages/
#cybersecurity