CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.4%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/99294
https://technet.microsoft.com/library/security/4033453
http://www.securityfocus.com/bid/99294
https://technet.microsoft.com/library/security/4033453

Products affected by CVE-2017-8613

Microsoft » Azure Active Directory Connect » Version: N/A

cpe:2.3:a:microsoft:azure_active_directory_connect:-
Microsoft » Azure Active Directory Connect » Version: 1.1.524.0

cpe:2.3:a:microsoft:azure_active_directory_connect:1.1.524.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8613

Products

Pricing

Contact Us