Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.19 views

ADFS Relying Party Trusts Disclosure

Microsoft Active Directory Federation Services ADFS is a very popular Single Sign On SSO feature offering identity federation to organizations. An ADFS server can be configured to show a login page to connect to corporate applications directly from this Identity Provider IdP. When enabled, this w...

7.1AI score
Exploits0References2
0day.today
0day.today
added 2018/10/24 12:0 a.m.375 views

Microsoft Active Directory Federated Services (ADFS) User Enumeration Vulnerability

Microsoft Active Directory Federated Services ADFS suffers from a time-based user enumeration vulnerability. + Credits: Joshua Platz aka Binary1985 + CVE ID: Requested + Website: https://github.com/binary1985 + Source:...

Exploits0
Prion
Prion
added 2018/07/11 12:29 a.m.18 views

Cross site scripting

A cross-site-scripting XSS vulnerability exists when an open source customization for Microsoft Active Directory Federation Services AD FS does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Service...

3.5CVSS5.2AI score0.02368EPSS
Exploits0References3Affected Software1
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.53 views

KLA10986 Information disclosure vulnerability in Microsoft Active Directory Federation Services

An improper honoring of XML External Entities was found in Microsoft Active Directory Federation Services ADFS. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories...

5.3CVSS6.2AI score0.02059EPSS
Exploits0References14
Symantec
Symantec
added 2016/02/09 12:0 a.m.34 views

Microsoft Active Directory Federation Services CVE-2016-0037 Denial of Service Vulnerability

Description Microsoft Active Directory Federation Services is prone to a denial of service vulnerability. Successful exploits may allow the attacker to cause the server to become non-responsive, resulting in denial of service conditions. Technologies Affected Microsoft Active Directory Federation...

5CVSS1.1AI score0.26256EPSS
Exploits0Affected Software2
Kaspersky
Kaspersky
added 2016/01/10 12:0 a.m.52 views

KLA10752 Denial of service vulnerability in Microsoft Acrtive Directory Federation Services

Lack of input data checks was found in Microsoft Active Directory Federation Services. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed input to form-based authentication. Original advisories...

7.5CVSS7.6AI score0.26256EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/06/14 12:0 a.m.65 views

Microsoft Active Directory Federation Services crossite scripting

Crossite scipring in web interface...

4.3CVSS2.2AI score0.11058EPSS
Exploits0
Symantec
Symantec
added 2015/06/09 12:0 a.m.31 views

Microsoft Active Directory Federation Services CVE-2015-1757 Privilege Escalation Vulnerability

Description Microsoft Active Directory Federation Services is prone to a remote privilege-escalation vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions in the context of the currently...

4.3CVSS6.3AI score0.11058EPSS
Exploits0Affected Software6
Cvelist
Cvelist
added 2015/04/14 8:0 p.m.27 views

CVE-2015-1638

Microsoft Active Directory Federation Services AD FS 3.0 on Windows Server 2012 R2 does not properly handle logoff actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosur...

6.3AI score0.12806EPSS
Exploits0References2
Symantec
Symantec
added 2015/04/14 12:0 a.m.27 views

Microsoft Active Directory Federation Services CVE-2015-1638 Information Disclosure Vulnerability

Description Microsoft Active Directory Federation Services is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft Active Directory Federation Services 3.0...

5.8CVSS1.2AI score0.12806EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2014/11/12 12:0 a.m.40 views

Microsoft Active Directory Federation Services Information Disclosure Vulnerability (3003381)

This host is missing an important security update according to Microsoft Bulletin MS14-077. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS5.1AI score0.20317EPSS
Exploits0References3
Symantec
Symantec
added 2014/11/11 12:0 a.m.23 views

Microsoft Active Directory Federation Services CVE-2014-6331 Information Disclosure Vulnerability

Description Microsoft Active Directory Federation Services is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft Active Directory Federation Services 2.0...

5CVSS1.3AI score0.20317EPSS
Exploits0Affected Software1
Symantec
Symantec
added 2013/08/13 12:0 a.m.25 views

Microsoft Active Directory Federation Services CVE-2013-3185 Information Disclosure Vulnerability

Description Microsoft Active Directory Federation Services is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPil...

5CVSS0.41432EPSS
Exploits1Affected Software10
Rows per page
Query Builder