Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka “Azure AD Connect Elevation of Privilege Vulnerability.”
[
{
"product": "Azure AD Connect",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Azure AD Connect versions prior to version 1.1.553.0"
}
]
}
]