cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-1258,https://securityvulnerability.io/vulnerability/CVE-2019-1258,Azure Active Directory Authentication Library Elevation of Privilege Vulnerability,"An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user.
The authenticated attacker can exploit this vulneraiblity by accessing a service configured for On-Behalf-Of flow that assigns incorrect tokens.
This security update addresses the vulnerability by removing fallback cache look-up for On-Behalf-Of scenarios.
",Microsoft,"Adal.net,Nuget 5.2.0",8.8,HIGH,0.0017399999778717756,false,false,false,false,,false,false,2019-08-14T20:55:06.000Z,0