ADFS
by Microsoft
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-16794 | Hig | 0.57 | 8.6 | 0.08 | Sep 18, 2018 | Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls. | ||
| CVE-2021-33779 | 0.00 | — | 0.02 | Jul 14, 2021 | Windows AD FS Security Feature Bypass Vulnerability |
- risk 0.57cvss 8.6epss 0.08
Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.
- CVE-2021-33779Jul 14, 2021risk 0.00cvss —epss 0.02
Windows AD FS Security Feature Bypass Vulnerability