Unauthorized Access via Misconfigured Azure AD Connect Password Writeback

Unauthorized Access via Misconfigured Azure AD Connect Password Writeback

CVE-2017-8613 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."

Learn more about our User Device Pen Test.