Mike Crowley

**Name of the Vulnerable Software and Affected Versions** Active Directory Federation Services (ADFS) (affected versions not specified) **Description** A security feature bypass issue exists due to improper updates of banned IP addresses in Active Directory Federation Services (ADFS). To exploit this, an attacker must convince an ADFS administrator to update the banned IP address list. This issue allows attackers to bypass security features, potentially enabling them to affect the system. The vulnerability is related to errors in security settings and can be exploited by a remote attacker to bypass authentication procedures. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.