{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-000094e2c2d4","releaseDate":"2021-07-13T07:00:00Z","cveNumber":"CVE-2021-33779","cveTitle":"Windows AD FS Security Feature Bypass Vulnerability","releaseNumber":"2021-Jul","vulnType":"Security Vulnerability","latestRevisionDate":"2021-07-13T07:00:00Z","cweList":[],"cweDetailsListForSearch":[],"mitreText":"CVE-2021-33779","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-33779","publiclyDisclosed":"Yes","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Active Directory Federation Services","issuingCna":"Microsoft","issuingCnaId":0,"severityId":100000001,"severity":"Important","impactId":100000007,"impact":"Security Feature Bypass","langCode":"en-US","baseScore":"8.1","temporalScore":"7.1","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":0,"cweDetailsList":[],"articles":[{"articleType":"FAQ","description":"<p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p>\n<p>This vulnerability relates to Primary Refresh Tokens which are usually stored in TPM. These tokens are usually used for SSO for Azure AD accounts. The tokens are not encrypted in a strong enough manner, and an administrator with access to a vulnerable system could extract and potentially decrypt the token for reuse until the token expires or is renewed.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2021-33779","version":1,"revisionDate":"2021-07-13T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"4178ee01-70c9-eb11-a838-000d3a6d35d9"}]}