TF 0506 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Ensure that the expiration date is set on all keys
Property | Value |
---|---|
Language | |
Severity | |
Service | keyvault |
Provider | Azure |
Vulnerability Type | omission |
Description
Vault keys are created without an expiration date, allowing them to remain valid indefinitely. This increases the risk that old or unused keys continue to provide access beyond their intended lifecycle.
Impact
Keys without expiration dates can be exploited if compromised, as they never become inactive. This prolonged validity expands the attack surface, making it easier for attackers to use stolen or forgotten keys to access sensitive data or resources.
Resolution
Set an expiration date on the vault key.
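
The omission and its fix, shown side by side as an added example (not taken from the original page or the project). It assumes the key is managed with Terraform's `azurerm` provider through the `azurerm_key_vault_key` resource; the variable, the resource and key names, and the date are constructed for illustration.

```hcl
# Assumed input: ID of an existing Key Vault (hypothetical variable name).
variable "key_vault_id" {
  type = string
}

# Non-compliant: expiration_date is omitted, so the key never expires.
resource "azurerm_key_vault_key" "no_expiry" {
  name         = "example-key-no-expiry" # constructed name
  key_vault_id = var.key_vault_id
  key_type     = "RSA"
  key_size     = 2048
  key_opts     = ["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey"]
}

# Compliant: expiration_date is set on the key.
resource "azurerm_key_vault_key" "with_expiry" {
  name         = "example-key-with-expiry" # constructed name
  key_vault_id = var.key_vault_id
  key_type     = "RSA"
  key_size     = 2048
  key_opts     = ["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey"]

  # UTC timestamp in RFC 3339 form. Constructed sample value: choose a date
  # that matches your own key rotation schedule.
  expiration_date = "2030-01-01T00:00:00Z"
}
```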