CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-0837

An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. To exploit this vulnerability, an attacker could send a specially crafted authentication request. This security update corrects how ADFS handles multi-factor authentication requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.4%

CVSS Severity

CVSS v3 Score 5.0

CVSS v2 Score 4.0

References

Products affected by CVE-2020-0837

Microsoft » Windows 10 » Version: 1607

cpe:2.3:o:microsoft:windows_10:1607
Microsoft » Windows 10 » Version: 1809

cpe:2.3:o:microsoft:windows_10:1809
Microsoft » Windows 10 » Version: 1903

cpe:2.3:o:microsoft:windows_10:1903
Microsoft » Windows 10 » Version: 1909

cpe:2.3:o:microsoft:windows_10:1909
Microsoft » Windows 10 » Version: 2004

cpe:2.3:o:microsoft:windows_10:2004
Microsoft » Windows Server 2016 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2016:-
Microsoft » Windows Server 2016 » Version: 1903

cpe:2.3:o:microsoft:windows_server_2016:1903
Microsoft » Windows Server 2016 » Version: 1909

cpe:2.3:o:microsoft:windows_server_2016:1909
Microsoft » Windows Server 2016 » Version: 2004

cpe:2.3:o:microsoft:windows_server_2016:2004
Microsoft » Windows Server 2019 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2019:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-0837

Products

Pricing

Contact Us