Friday, 30 June 2017

On 00:46 by admin in    No comments
A vulnerability was found in Microsoft Azure AD Connect and classified as critical. Affected by this issue is an unknown function of the component Password Writeback. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the problem leads to CWE-269. Impacted is confidentiality, integrity, and availability.

The weakness was presented 06/29/2017 as confirmed bulletin (Technet). The advisory is shared for download at technet.microsoft.com. This vulnerability is handled as CVE-2017-8613 since 05/03/2017. The exploitation is known to be difficult. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 06/30/2017).

Upgrading to version 1.1.553.0 eliminates this vulnerability. The upgrade is hosted for download at technet.microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.

CVSSv3

VulDB Base Score≈4.6
VulDB Temp Score≈4.4
VulDB VectorCVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
VulDB Reliability: Low

CVSSv2

VulDB Base Score≈3.5 (CVSS2#AV:A/AC:H/Au:S/C:P/I:P/A:P)
VulDB Temp Score≈3.0 (CVSS2#E:ND/RL:OF/RC:C)
VulDB Reliability: Medium

CPE

  • cpe:/a:microsoft:azure_ad_connect

Exploiting

Class: Privilege escalation (CWE-269)
Local: Yes
Remote: No

Availability: No

Price Prediction: steady
Current Price Estimation

0-Day$0-$5k$5k-$25k$25k-$100k$100k-$500k
Today$0-$5k$5k-$25k$25k-$100k$100k-$500k
Countermeasures

Recommended: Upgrade
Status: Official fix
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known

UpgradeAzure AD Connect 1.1.553.0

Timeline

05/03/2017   CVE assigned
06/29/2017  +57 days Advisory disclosed
06/29/2017  +0 days Countermeasure disclosed
06/30/2017  +1 days VulDB entry created
06/30/2017  +0 days VulDB last update

Sources

Advisorytechnet.microsoft.com
Status: Confirmed

0 comments:

Post a comment