CVE-2014-6331

Name of the Vulnerable Software and Affected Versions Microsoft Active Directory Federation Services (AD FS) versions 2.0 through 3.0

Description The issue arises when a configured SAML Relying Party lacks a sign-out endpoint, leading to improper processing of logoff actions. This makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Recommendations For Microsoft Active Directory Federation Services (AD FS) versions 2.0 through 3.0, configure a sign-out endpoint for all SAML Relying Parties to properly process logoff actions and prevent unauthorized access.