ADFS Security Feature Bypass Vulnerability - CVE-2019-0975
A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses.
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019