CNNVD-202510-1789 Information

CNNVD ID

CNNVD-202510-1789

Related CVE

CVE-2025-59258

• CNNVD Published: 2025-10-14

Description (Chinese)

Microsoft Active Directory Federation Services是美国微软（Microsoft）公司的一个在Windows Server操作系统上运行的软件组件。它为用户提供对无法通过Active Directory ( AD )使用集成Windows身份验证 (IWA) 的系统和应用程序的单点登录访问。 Microsoft Active Directory Federation Services存在日志信息泄露漏洞，该漏洞源于攻击者利用该漏洞可以获取敏感信息。

Description (English)

Microsoft Active Directory Management Services is a software component run by Microsoft America on Windows Server operating systems. It provides users with single-point access to systems and applications that cannot use integrated Windows (IWA) authentication via Active Directory (AD). Microsoft Active Directory Safety Services has a log leak, which stems from the fact that the attackers use it to obtain sensitive information.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

微软

Published

2025-10-14

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59258

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59258