SYM_CONF_0110 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Not Using Password Aging
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-262: Not Using Password Aging |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
Keys in Azure Key Vault are being created without an expiration date. This means the keys will remain valid indefinitely unless manually deleted or rotated.
Impact
If keys do not expire, compromised or outdated keys could be misused for extended periods, increasing the risk of unauthorized access or data breaches. This weakens key lifecycle management and can result in non-compliance with security policies.