Insecure service configuration - AKV Secret Expiration
Description
The secrets stored in Azure Key Vault do not set an expiration date.
Impact
Increase the chances of compromising sensitive secrets of the system.
Recommendation
Define an expiration date for Azure secrets by setting the expiration_date property.
Threat
Authenticated attacker from the Internet.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
130 - Limit password lifespan138 - Define lifespan for temporary passwords140 - Define OTP lifespanFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
H
Attack requirements
N
Privileges required
H
User interaction
N
Confidentiality (VC)
H
Integrity (VI)
N
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
U
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U