TF 0106 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Key Vault Secret should have an expiration date set

Property Value
Language terraform
Severity low
Service keyvault
Provider Azure

Description

Key Vault secrets are being created without an expiration date, which allows them to remain valid indefinitely. This increases the risk of secrets being forgotten and unnecessarily exposed over time.

Impact

Secrets without expiration can be used indefinitely if compromised, increasing the window for attackers to exploit leaked credentials. This may lead to unauthorized access to sensitive resources and prolonged security exposure for the organization.

Resolution

Set an expiry for secrets
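
The configuration below shows a secret that this rule flags next to one that passes. It is an added example, not taken from the wiki or the scanner's own test cases; the variable names, resource names, secret names and the 90-day lifetime are assumptions chosen for illustration.

```terraform
# Assumed inputs: an existing Key Vault and the secret value to store.
variable "key_vault_id" {
  type = string
}

variable "db_password" {
  type      = string
  sensitive = true
}

# Non-compliant: no expiration_date, so the secret stays valid indefinitely.
resource "azurerm_key_vault_secret" "no_expiry" {
  name         = "example-no-expiry" # constructed name
  value        = var.db_password
  key_vault_id = var.key_vault_id
}

# Compliant (fixed date): expiration_date is an RFC 3339 UTC timestamp.
resource "azurerm_key_vault_secret" "fixed_expiry" {
  name            = "example-fixed-expiry" # constructed name
  value           = var.db_password
  key_vault_id    = var.key_vault_id
  expiration_date = "2030-01-01T00:00:00Z" # constructed date
}

# Compliant (relative date): derive the expiry from the hashicorp/time
# provider so that it does not have to be hard-coded. The 90-day window
# is an assumption; use whatever your rotation policy requires.
resource "time_rotating" "secret_lifetime" {
  rotation_days = 90
}

resource "azurerm_key_vault_secret" "rotating_expiry" {
  name            = "example-rotating-expiry" # constructed name
  value           = var.db_password
  key_vault_id    = var.key_vault_id
  expiration_date = time_rotating.secret_lifetime.rotation_rfc3339
}
```

An expiry date only bounds how long a leaked value remains usable if the secret is actually rotated before that date, so pair it with a rotation process and alerting on secrets that are close to expiring.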