Описание
Windows AD FS Security Feature Bypass Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
This vulnerability relates to Primary Refresh Tokens which are usually stored in TPM. These tokens are usually used for SSO for Azure AD accounts. The tokens are not encrypted in a strong enough manner, and an administrator with access to a vulnerable system could extract and potentially decrypt the token for reuse until the token expires or is renewed.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2016 | ||
| Windows Server 2016 (Server Core installation) | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) | ||
| Windows Server, version 2004 (Server Core installation) | ||
| Windows Server, version 20H2 (Server Core Installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
8.1 High
CVSS3
Связанные уязвимости
Windows ADFS Security Feature Bypass Vulnerability
Уязвимость службы Active Directory Federation Services (AD FS) операционных систем Windows, позволяющая нарушителю обойти ограничения безопасности и повысить свои привилегии
EPSS
8.1 High
CVSS3