Vulnerability Manager Plus

ADFS Security Feature Bypass Vulnerability for Windows Server 2012 R2 (KB4015547)

Risk Information

Base Score

8.1

MODERATE

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

EPSS Score

Exploitation Probability

12.685%

CVE Information

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
22279

Patch Description
April, 2017 Security Only Quality Update for Windows Server 2012 R2 (KB4015547)

References

http://advisories.mageia.org/MGASA-2013-0333.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
http://bugs.ghostscript.com/show_bug.cgi?id=686980
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2013-1803.html
http://rhn.redhat.com/errata/RHSA-2013-1804.html
http://secunia.com/advisories/56175
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT6150
http://support.apple.com/kb/HT6162
http://support.apple.com/kb/HT6163
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
http://www.debian.org/security/2013/dsa-2799
http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/63676
http://www.securityfocus.com/bid/97427
http://www.securityfocus.com/bid/97437
http://www.securityfocus.com/bid/97438
http://www.securityfocus.com/bid/97446
http://www.securityfocus.com/bid/97449
http://www.securityfocus.com/bid/97452
http://www.securityfocus.com/bid/97455
http://www.securityfocus.com/bid/97462
http://www.securityfocus.com/bid/97466
http://www.securityfocus.com/bid/97467
http://www.securityfocus.com/bid/97473
http://www.securityfocus.com/bid/97475
http://www.securityfocus.com/bid/97507
http://www.securityfocus.com/bid/97514
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://www.securitytracker.com/id/1038230
http://www.securitytracker.com/id/1038231
http://www.securitytracker.com/id/1038237
http://www.securitytracker.com/id/1038238
http://www.securitytracker.com/id/1038239
http://www.securitytracker.com/id/1038240
http://www.securitytracker.com/id/1038243
http://www.securitytracker.com/id/1038245
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
https://access.redhat.com/errata/RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.mozilla.org/show_bug.cgi?id=891693
https://code.google.com/p/chromium/issues/detail?id=258723
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-6629
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0058
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0156
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0158
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0159
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0165
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0166
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0167
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0168
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0180
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0182
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0184
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0185
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0186
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0188
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0191
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0192
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0211
https://security.gentoo.org/glsa/201606-03
https://src.chromium.org/viewvc/chrome?revision=229729&view=revision
https://www.exploit-db.com/exploits/41879/
https://www.exploit-db.com/exploits/41880/
https://www.exploit-db.com/exploits/41901/
https://www.exploit-db.com/exploits/41902/
https://www.ibm.com/support/docview.wss?uid=swg21675973
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0178
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0179
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0183
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0169