This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2017-06-29 |
| Product | Azure Active Directory Connect | Last view | 2021-08-12 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:microsoft:azure_active_directory_connect:-:*:*:*:*:*:*:* | 3 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.1 | 2021-08-12 | CVE-2021-36949 | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability |
| 5.3 | 2019-05-16 | CVE-2019-1000 | An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit this, an attacker would need to authenticate to the Azure AD Connect server, aka 'Microsoft Azure AD Connect Elevation of Privilege Vulnerability'. |
| 8.1 | 2017-06-29 | CVE-2017-8613 | Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-640 | Weak Password Recovery Mechanism for Forgotten Password |
| 33% (1) | CWE-287 | Improper Authentication |
| 33% (1) | CWE-269 | Improper Privilege Management |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-06-29 | Name: An application installed on the remote Windows host is affected by an elevati... File: smb_kb4033453.nasl - Type: ACT_GATHER_INFO |
