CVE-2019-0975

MEDIUM Year: 2019
CVSS v3 Score
6.3
Medium
CVSS v2 Score
6.8
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-1126.

Related Vulnerabilities

CVE-2016-3563

MEDIUM
CVSS:6.3(Medium)

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors re...

NVD-CWE-Other2016

CVE-2017-10153

MEDIUM
CVSS:6.3(Medium)

Vulnerability in the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Gson)). Supported versions that are affected are 7.0, 7.1 ...

NVD-CWE-Other2017

CVE-2017-10163

MEDIUM
CVSS:6.3(Medium)

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web General). Supported versions that are affected are 11.1.1.7.0, 1...

NVD-CWE-Other2017

CVE-2017-10385

MEDIUM
CVSS:6.3(Medium)

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerabi...

NVD-CWE-Other2017

CVE-2017-10393

MEDIUM
CVSS:6.3(Medium)

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerabi...

NVD-CWE-Other2017

CVE-2017-18711

MEDIUM
CVSS:6.3(Medium)

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.28, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 be...

NVD-CWE-Other2017