CVE-2021-41361: Active Directory Federation Server Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.4)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Oct

Released

2021-10-12

EPSS Score

0.56% (percentile: 68.3%)

FAQ

How could an attacker exploit this vulnerability? The ADFS (Active Directory Federation Services) services are vulnerable during the logout redirect request to cross-site scripting of the post logout redirect URI. An attacker who successfully exploited this vulnerability could leave an application using this ADFS library vulnerable to common XSS attacks.

Affected Products (8)

Windows

• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows Server, version 2004 (Server Core installation)
• Windows Server, version 20H2 (Server Core Installation)
• Windows Server 2016
• Windows Server 2016 (Server Core installation)

Security Updates (4)

• 5006672
• 5006699
• 5006670
• 5006669

Acknowledgments

<a href="https://in.linkedin.com/in/nadishs">Nadish Shajahan</a>

Revision History

• 2021-10-12: Information published.