[Bug]: Admin Consent to Enterprise Applications - azure-activedirectory-users-can-consent-apps-data-access.json #86
Comments
|
Hi @cmking94 thanks for catching this! it's really appreciated. Just to mention that this rule is for CIS 1.4 and is that rule was superseded by a more specific one that is checking for trusted publisher apps. I'll update the rule as soon as I can. Thanks! |
|
This was the field I was looking for and I understand the finding results, thanks for the quick response! |
|
Hi @cmking94, This is now fixed on dev branch. Cheers, |
|
This issue has been automatically marked as stale because it has not had recent activity. We kindly ask you to check again if the issue you reported is still relevant in the current version of Monkey 365. If it is, update this issue with a comment, otherwise it will be automatically closed if no further activity occurs. Thank you for your contributions. |
|
This issue was closed because it has been inactive for 14 days since being marked as stale. If the issue is still relevant, feel free to re-open it or open a new one. |
What happened?
The current finding for Admin Consent to Enterprise Applications in the finding "azure-activedirectory-users-can-consent-apps-data-access.json" is no longer applicable. The finding is now under Entra ID > Applications > Enterprise Applications > Consent and permissions. Also, the finding can be located with "Get-MsolCompanyInformation | Select-Object UsersPermissionToUserConsentToAppEnabled".
Expected behavior
The resource in the HTML report for the "Ensure That 'Users Can Consent To Apps Accessing Company Data On Their Behalf' Is Set To 'No'" configuration shows passed, but my O365 tenant has "Allow user consent for apps" selected. The JSON file "aad_managed_app_user_settings" shows 'null' for the "usersCanAllowAppsToAccessData" finding.
Screenshots or Logs
From where are you running Monkey365?
$PsVersionTable]: 5.1.20348.2110The text was updated successfully, but these errors were encountered: