Known Vulnerabilities for Active Directory Federation Services by Microsoft
Listed below are 4 of the newest known vulnerabilities associated with the software "Active Directory Federation Services" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
CVE | Shortened Description | Severity | Publish Date | Last Modified |
---|---|---|---|---|
CVE-2018-16794 | Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the ... | 8.6 - HIGH | 2018-09-18 | 2018-11-20 |
CVE-2015-1757 | Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Serv... | 4.3 - MEDIUM | 2015-06-10 | 2018-10-12 |
CVE-2014-6331 | Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-o... | 5 - MEDIUM | 2014-11-11 | 2018-10-12 |
CVE-2013-3185 | Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2... | 5 - MEDIUM | 2013-08-14 | 2020-09-28 |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Microsoft | Active Directory Federation Services | 2.1 | All | All | All |
Application | Microsoft | Active Directory Federation Services | 2.0 | All | All | All |
Application | Microsoft | Active Directory Federation Services | 1.1 | All | All | All |
Application | Microsoft | Active Directory Federation Services | 1.0 | All | All | All |
Popular searches for Active Directory Federation Services

Active Directory Federation Services

Active Directory Federation Services Learn more about: Active Directory Federation Services
technet.microsoft.com/en-us/library/hh831502.aspx technet.microsoft.com/en-us/library/hh831502.aspx docs.microsoft.com/windows-server/identity/active-directory-federation-services technet.microsoft.com/library/hh831502.aspx technet.microsoft.com/en-us/windows-server-docs/identity/active-directory-federation-services technet.microsoft.com/en-us/library/hh831502 technet.microsoft.com/library/hh831502.aspx docs.microsoft.com/sv-se/windows-server/identity/active-directory-federation-services Active Directory Federation Services C0 and C1 control codes Windows Server 2016 Windows Server 2012 R2 Windows Server 2012 Microsoft Docs Feedback Terms of service Microsoft Adobe Contribute HTTP cookie Bookmark (digital) LinkedIn Twitter Facebook Email Privacy Google Docs Blog DocumentationActive Directory Federation Services

Active Directory Federation Services This article begins with a brief overview of Active Directory Federation Services AD FS , a list of the benefits to using AD FS, and a list of what's new in AD FS for Windows Server 2008. The article then focuses on the code that a managed developer must incorporate into a Web application to make it federation aware and provides some specific examples on making claims based authorization decisions. AD FS is a standards-based service that allows the secure sharing of identity information between trusted business partners known as a federation X V T across an extranet. When a user needs to access a Web application from one of its federation Web application.
msdn.microsoft.com/library/bb897402.aspx msdn.microsoft.com/en-GB/library/bb897402.aspx msdn.microsoft.com/en-us/library/Bb897402.aspx msdn.microsoft.com/en-us/library/bb897402.aspx?MSPPError=-2147217396&f=255 C0 and C1 control codes Web application User (computing) Active Directory Federation Services World Wide Web Federation (information technology) Authentication Authorization Windows Server 2008 Information Server (computing) Extranet Application software Federated identity Claims-based identity Microsoft Management Console HTTP cookie Single sign-on Programmer Standardization