Microsoft Active Directory Federation Services CVE-2017-0043 Information Disclosure Vulnerability
Description
To exploit this condition, an authenticated attacker would need to send a specially crafted request to the ADFS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.
Affected Applications
Windows Server 2008
Windows Server 2012
Windows Server 2016