KLA10986
Information disclosure vulnerability in Microsoft Active Directory Federation Services

Обновлено: 03/06/2020

Дата обнаружения	14/03/2017
Уровень угрозы	Warning
Описание	An improper honoring of XML External Entities was found in Microsoft Active Directory Federation Services (ADFS). By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request.
Пораженные продукты	Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	MS17-019 CVE-2017-0043
Оказываемое влияние ?	OSI [?]
Связанные продукты	Microsoft Windows Server 2012 Microsoft Windows Server 2008
CVE-IDS	CVE-2017-00432.9Warning

KLA10986Information disclosure vulnerability in Microsoft Active Directory Federation Services