SB2019071015 - Multiple vulnerabilities in Active Directory Federation Services (ADFS)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019071015

SB2019071015 - Multiple vulnerabilities in Active Directory Federation Services (ADFS)

Published: July 10, 2019

Security Bulletin ID SB2019071015
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Resource management error (CVE-ID: CVE-2019-0975)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to the way Active Directory Federation Services (ADFS) performs updates for the list of banned IP addresses. A remote attacker can convince the ADFS administrator to update a list of banned IP addresses and bypass security restrictions


2) Improper control of interaction frequency (CVE-ID: CVE-2019-1126)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to the way Active Directory Federation Services (ADFS) handles external authentication requests. A remote attacker can perform a brute-force attack and cause account lockouts in Active Directory.


Remediation

Install update from vendor's website.

References