EUVD-2017-0526

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Security feature bypass vulnerability in Windows 10, Server 2012 R2, 2016 due to ADFS request handling.

Reporter	Title	Published	Views	Family All 19
CNVD	Microsoft Windows ADFS Security Restriction Bypass Vulnerability	14 Apr 201700:00	–	cnvd
CVE	CVE-2017-0159	12 Apr 201714:00	–	cve
Cvelist	CVE-2017-0159	12 Apr 201714:00	–	cvelist
Microsoft KB	April 11, 2017—KB4015217 (OS Build 14393.1066 and 14393.1083)	11 Apr 201707:00	–	mskb
Microsoft KB	April 11, 2017—KB4015547 (Security-only update)	11 Apr 201707:00	–	mskb
Microsoft KB	April 11, 2017—KB4015550 (Monthly Rollup)	11 Apr 201707:00	–	mskb
Microsoft KB	April 11, 2017—KB4015583 (OS Build 15063.138)	11 Apr 201707:00	–	mskb
Kaspersky	KLA11059 Multiple vulnerabilities in Microsoft Windows	11 Apr 201700:00	–	kaspersky
Microsoft CVE	ADFS Security Feature Bypass Vulnerability	11 Apr 201707:00	–	mscve
NVD	CVE-2017-0159	12 Apr 201714:59	–	nvd

[
  {
    "enisaIdVendor": [
      {
        "id": "854e1017-3bfa-33f8-9f28-2ffc895c8396",
        "vendor": {
          "name": "Microsoft Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "968d257f-37dc-35c2-8de4-571168113e53",
        "product": {
          "name": "Windows"
        },
        "product_version": "Windows 10 1607, Windows Server 2012 R2, and Windows 2016"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/97449
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0159
securitytracker	www.securitytracker.com/id/1038243
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 33.7

CVSS 24.3

EPSS0.05047