This script will allow you to find all applications and service principals in Azure AD affected by https://aka.ms/CVE-2021-42306-AAD that need their keys to be rotated.
Get-AffectedKeyCredentials -TenantId 0000-0000-0000-0000 -ObjectClass application -ScanAll
Get-AffectedKeyCredentials -TenantId 0000-0000-0000-0000 -ObjectClass servicePrincipal -ScanAll
Adding that this script WILL run in CloudShell from the browser, but not when I connect to Azure AD from Azure PowerShell running as admin. Because of all the warnings about .NET and the different modules needing to be installed, it doesn't seem likely to me that CloudShell was the recommended way to run it. (Could be wrong) I haven't tried the CVE script from CloudShell yet.
Nov 18, 2021
Thanks for sharing the updates.
It sounds like a conflict of PowerShell modules. There are some suggestions in this thread Azure/azure-powershell#9949
When I run this with my tenant id, I get: WARNING: Unable to find type [Microsoft.Azure.Commands.Profile.Utilities.CustomAssemblyResolver].
Get-AzAccessToken : The term 'Get-AzAccessToken' is not recognized as the name of a cmdlet, function, script file, or
I checked out Global Admin role
I've already checked that .NET and Azure modules are installed. Tried Install-Module -Name Az -AllowClobber based on a suggestion elsewhere, no change. Running PowerShell as admin as well.
The CVE script also fails, but that complains about characters in the script.