VYPR
Unrated severityNVD Advisory· Published Sep 11, 2020· Updated Aug 4, 2024

ADFS MFA Elevation of Privilege Vulnerability

CVE-2020-0837

Description

An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. To exploit this vulnerability, an attacker could send a specially crafted authentication request. This security update corrects how ADFS handles multi-factor authentication requests.

Affected products

8

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.