Known Vulnerabilities for Active Directory Federation Services by Microsoft
Listed below are 4 of the newest known vulnerabilities associated with "Active Directory Federation Services" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-16794 | Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the ... | 8.6 - HIGH | 2018-09-18 | 2018-11-20 |
| CVE-2015-1757 | Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Serv... | 4.3 - MEDIUM | 2015-06-10 | 2018-10-12 |
| CVE-2014-6331 | Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-o... | 5 - MEDIUM | 2014-11-11 | 2018-10-12 |
| CVE-2013-3185 | Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2... | 5 - MEDIUM | 2013-08-14 | 2020-09-28 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Active Directory Federation Services | 2.1 | All | All | All |
| Application | Microsoft | Active Directory Federation Services | 2.0 | All | All | All |
| Application | Microsoft | Active Directory Federation Services | 1.1 | All | All | All |
| Application | Microsoft | Active Directory Federation Services | 1.0 | All | All | All |