Known Vulnerabilities for Active Directory Federation Services by Microsoft

Listed below are 4 of the newest known vulnerabilities associated with the software "Active Directory Federation Services" by "Microsoft".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2018-16794 Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the ... 8.6 - HIGH 2018-09-18 2018-11-20
CVE-2015-1757 Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Serv... 4.3 - MEDIUM 2015-06-10 2018-10-12
CVE-2014-6331 Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-o... 5 - MEDIUM 2014-11-11 2018-10-12
CVE-2013-3185 Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2... 5 - MEDIUM 2013-08-14 2020-09-28

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationMicrosoftActive Directory Federation Services2.1AllAllAll
ApplicationMicrosoftActive Directory Federation Services2.0AllAllAll
ApplicationMicrosoftActive Directory Federation Services1.1AllAllAll
ApplicationMicrosoftActive Directory Federation Services1.0AllAllAll

Popular searches for Active Directory Federation Services

Active Directory Federation Services

Active Directory Federation Services This article begins with a brief overview of Active Directory Federation Services AD FS , a list of the benefits to using AD FS, and a list of what's new in AD FS for Windows Server 2008. The article then focuses on the code that a managed developer must incorporate into a Web application to make it federation aware and provides some specific examples on making claims based authorization decisions. AD FS is a standards-based service that allows the secure sharing of identity information between trusted business partners known as a federation X V T across an extranet. When a user needs to access a Web application from one of its federation Web application. C0 and C1 control codes Web application User (computing) Active Directory Federation Services World Wide Web Federation (information technology) Authentication Authorization Windows Server 2008 Information Server (computing) Extranet Application software Federated identity Claims-based identity Microsoft Management Console HTTP cookie Single sign-on Programmer Standardization

© 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license. and Source URL Uptime Status