ADFS Security Feature Bypass Vulnerability - CVE-2019-0975

oval:org.cisecurity:def:6483

A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses.

Family: windows
Status: ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
Class: vulnerability
Reference(s):
  • CVE-2019-0975
  • MSRC-CVE-2019-0975
  • KB4507460
  • KB4507469
Product(s):