Known Vulnerabilities for Active Directory Federation Services by Microsoft
Listed below are 4 of the newest known vulnerabilities associated with "Active Directory Federation Services" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-16794 json | Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the ... | 8.6 - HIGH | 2018-09-18 | 2018-11-20 |
| CVE-2015-1757 json | Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Serv... | 4.3 - MEDIUM | 2015-06-10 | 2018-10-12 |
| CVE-2014-6331 json | Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-o... | 5 - MEDIUM | 2014-11-11 | 2018-10-12 |
| CVE-2013-3185 json | Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2... | 5 - MEDIUM | 2013-08-14 | 2020-09-28 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Active Directory Federation Services | 2.1 | |||
| Application | Microsoft | Active Directory Federation Services | 2.0 | |||
| Application | Microsoft | Active Directory Federation Services | 1.1 | |||
| Application | Microsoft | Active Directory Federation Services | 1.0 |