CVE-2019-1000

Name of the Vulnerable Software and Affected Versions Microsoft Azure Active Directory Connect version 1.3.20.0

Description The issue is related to insufficient access restrictions in Microsoft Azure Active Directory Connect, allowing a remote attacker to elevate their privileges. To exploit this, an attacker must authenticate to the Azure AD Connect server. This could enable the attacker to execute specific PowerShell cmdlets in the context of a privileged account and perform privileged actions.

Recommendations For Microsoft Azure Active Directory Connect version 1.3.20.0, consider restricting access to the Azure AD Connect server and limiting the execution of privileged PowerShell cmdlets until a patch is available. As a temporary workaround, restrict the use of privileged accounts on the Azure AD Connect server to minimize the risk of exploitation.