3 matches found
CVE-2021-36949
CVE-2021-36949 concerns authentication bypass in Microsoft Azure Active Directory Connect. Connected sources specify that the issue arises from deficiencies in the authentication mechanism of both Azure Active Directory Connect and the Azure AD Connect Provisioning Agent (affected versions includ...
CVE-2019-1000
CVE-2019-1000 affects Microsoft Azure Active Directory Connect (AD Connect) build 1.3.20.0. The vulnerability enables elevation of privilege by an attacker who authenticates to the AD Connect server to run two PowerShell cmdlets in the context of a privileged account, enabling privileged actions....
CVE-2017-8613
CVE-2017-8613 concerns Microsoft Azure AD Connect Password writeback. When the password writeback feature is misconfigured during enablement, an attacker could abuse the permission model to reset passwords and gain unauthorized access to arbitrary on‑premises AD privileged user accounts. The vuln...