Skip to content

H3-2022-0002

Azure Multi-Factor Authentication Disabled

Category CREDENTIALS
Base Score 9.8

Description

An Azure account was accessed without any multi-factor authentication enabled.

Impact

This misconfiguration permits remote attackers to conduct credential attacks like password spraying to compromise an account and using it to further compromise an organization.

References