MS.Active.Directory.Information.Disclosure.Vuln.MS14-077
Description
Microsoft Active Directory is a directory service.
The vulnerability could allow information disclosure if a user leaves their browser open after logging off from an application, and an attacker reopens the application in the browser immediately after the user has logged off.
Affected Products
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Impact
The vulnerable system can be compromised by an attacker for gaining partial access to the system. Therefore there is a risk of leaking sensitive information and application configuration modification without user notice.
Recommended Actions
Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS14-077.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |