Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36949 | 1 Microsoft | 2 Azure Active Directory Connect, Azure Active Directory Connect Provisioning Agent | 2024-11-21 | 4.9 MEDIUM | 7.1 HIGH |
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | |||||
CVE-2019-1000 | 1 Microsoft | 1 Azure Active Directory Connect | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit this, an attacker would need to authenticate to the Azure AD Connect server, aka 'Microsoft Azure AD Connect Elevation of Privilege Vulnerability'. | |||||
CVE-2017-8613 | 1 Microsoft | 1 Azure Active Directory Connect | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability." |