Количество 4
Количество 4
CVE-2019-1258
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker can exploit this vulneraiblity by accessing a service configured for On-Behalf-Of flow that assigns incorrect tokens. This security update addresses the vulnerability by removing fallback cache look-up for On-Behalf-Of scenarios.
CVE-2019-1258
Azure Active Directory Authentication Library Elevation of Privilege Vulnerability
GHSA-xc6x-cq47-9chw
Vulnerability in Azure Active Directory Authentication Library
BDU:2019-03036
Уязвимость библиотеки ADAL.NET операционных систем Windows, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-1258 An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker can exploit this vulneraiblity by accessing a service configured for On-Behalf-Of flow that assigns incorrect tokens. This security update addresses the vulnerability by removing fallback cache look-up for On-Behalf-Of scenarios. | CVSS3: 8.8 | 11% Средний | около 6 лет назад |
 | CVE-2019-1258 Azure Active Directory Authentication Library Elevation of Privilege Vulnerability | 11% Средний | около 6 лет назад | |
| GHSA-xc6x-cq47-9chw Vulnerability in Azure Active Directory Authentication Library | CVSS3: 8.8 | 11% Средний | около 6 лет назад |
 | BDU:2019-03036 Уязвимость библиотеки ADAL.NET операционных систем Windows, позволяющая нарушителю повысить свои привилегии | CVSS3: 8.8 | 11% Средний | около 6 лет назад |
Уязвимостей на страницу