High severity8.1NVD Advisory· Published Jun 29, 2017· Updated May 13, 2026

CVE-2017-8613

Description

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."

Affected products

Microsoft Corporation/Azure AD Connectv5
Range: Azure AD Connect versions prior to version 1.1.553.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/99294nvdThird Party AdvisoryVDB Entry
technet.microsoft.com/library/security/4033453nvdMitigationVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000