A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the…
microsoft·CWE-307·Published 2019-07-15
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy. To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory. This security update corrects how ADFS handles external authentication requests. This vulnerability is also known as 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0975.
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) that could allow an attacker to bypass the extranet lockout policy. To exploit this vulnerability, an attacker could run a specially crafted application, which would allow the attacker to launch a password brute-force attack or cause account lockouts in Active Directory. This security update addresses the way ADFS handles external authentication requests. It is also known as 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is different from CVE-2019-0975.
| CVSS version | Type | Source | Base score | Exploitability score | Impact score | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.0 | 10.0 | 2.9 | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| 3.0 | Primary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |