cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_server_2016:- cpe:/o:microsoft:windows_server_2016:1709 cpe:/o:microsoft:windows_server_2016:1803 CVE-2018-8340 2018-08-15T13:29:03.907-04:00 2019-10-02T20:03:26.223-04:00 4.0 NETWORK LOW SINGLE_INSTANCE PARTIAL NONE NONE http://nvd.nist.gov 2018-10-11T08:19:06.797-04:00 SECTRACK 1041474 BID 105029 CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8340 A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers.