CVE-2015-1638
N/A
N/A
Summary
Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows Server 2012 R2 does not properly handle logoff actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosure Vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1032115
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-040
References
- http://www.securitytracker.com/id/1032115
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-040
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.