Pulse of Truth

1598 readers

15 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth

Microsoft Accidently Allow Unprivileged Users to Change Their User Principal Names in Entra ID (cybersecuritynews.com)

submitted 7 months ago by lemmydev2 to c/pulse_of_truth

2 comments fedilink hide all child comments

Microsoft has allowed unprivileged users to update their own User Principal Names (UPNs) in Entra ID, sparking concerns over security and administrative oversight. To clarify, an unprivileged user can update the user principal name (UPN) for their own Entra ID account but not for others. However, it’s hard to see why any organization would intentionally […] The post Microsoft Accidently Allow Unprivileged Users to Change Their User Principal Names in Entra ID appeared first on Cyber Security News.

you are viewing a single comment's thread
view the rest of the comments

[–] wizardbeard@lemmy.dbzer0.com 1 points 7 months ago

Yeah, I'm fairly certain that's default settings or at least strongly reccomended by the docs.