High severity7.5NVD Advisory· Published Feb 10, 2016· Updated Jun 17, 2026
CVE-2016-0037
CVE-2016-0037
Description
The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka "Microsoft Active Directory Federation Services Denial of Service Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*
- Range: = 3.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.