Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
CVE-2021-36949
7.1HIGH
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 12 August 2021
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2021-36949?
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
Affected Version(s)
Azure Active Directory Connect Provisioning Agent Unknown 1.1.0.0 < 1.1.582.0
Microsoft Azure Active Directory Connect 1.X.Y.Z Unknown 1.0.0.0 < 1.6.11.3
Microsoft Azure Active Directory Connect 2.0.X.Y Unknown 2.0.0.0 < 2.0.8.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.