🟠 High | Source: The Register — Security
Passwords were found stored in plaintext within Active Directory user and computer description fields, making them trivially accessible to any authenticated user on the network. Because AD description fields are readable by all domain users by default, a low-privilege attacker or compromised account could harvest credentials at scale with a simple LDAP query. This represents a significant credential exposure risk in any hybrid or cloud-connected environment where AD is the identity backbone.
Architect’s Take: Audit your Active Directory environment immediately for plaintext credentials in description fields using tools such as BloodHound or a targeted LDAP query, and enforce a policy prohibiting sensitive data in AD attributes. In Azure AD/Entra ID hybrid environments, also check synced attributes to ensure no plaintext secrets have been replicated to the cloud directory.
Original advisory: All the passwords were stored in Active Directory description fields