National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:microsoft:active_directory_federation_services:1.0
There are 1 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-16794

Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.

Published: September 18, 2018; 05:29:03 PM -04:00
V3: 8.6 HIGH
V2: 5.0 MEDIUM