vulnerability

Microsoft Windows: CVE-2018-8340: ADFS Security Feature Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Aug 14, 2018	Aug 14, 2018	Sep 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Aug 14, 2018

Added

Aug 14, 2018

Modified

Sep 5, 2025

Description

A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers.

Solutions

microsoft-windows-windows_server_2012_r2-kb4343888microsoft-windows-windows_server_2016-1607-kb4343887msft-kb4343888-9ab5e18d-f797-40d7-9060-45a9866d6d6emsft-kb4343888-a66d6492-e84f-418a-84dd-8a5ad6ae0ba5

References

BID-105029
CVE-2018-8340
https://attackerkb.com/topics/CVE-2018-8340
URL-https://support.microsoft.com/help/4343887
URL-https://support.microsoft.com/help/4343888

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today