Server-Side Request Forgery in Microsoft ADFS 4.0 on Windows Server 2016
CVE-2018-16794

8.6HIGH

Key Information:

Vendor

Microsoft
Status
Active Directory Federation Services
Vendor
CVE Published:
18 September 2018

What is CVE-2018-16794?

Microsoft ADFS 4.0 for Windows Server 2016 and earlier versions has a vulnerability that allows attackers to exploit the txtBoxEmail parameter located in /adfs/ls. This vulnerability enables remote attackers to send crafted requests that may lead to unauthorized access to internal resources. If exploited, the SSRF vulnerability could allow attackers to bypass security controls, potentially leading to further compromise of the application or the underlying infrastructure.

References

http://www.securityfocus.com/bid/105378
vdb-entryx_refsource_BID
http://seclists.org/fulldisclosure/2018/Sep/13
mailing-listx_refsource_FULLDISC
http://packetstormsecurity.com/files/149376/Microsoft-ADF...
x_refsource_MISC

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.