Skip to main content

Identitymodel

1 CVEs product

Monthly

CVE-2019-1006 HIGH PATCH This Week

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Net Framework Identitymodel Sharepoint Enterprise Server +10
NVD
CVSS 3.0
7.5
EPSS
6.0%
EPSS 6% CVSS 7.5
HIGH PATCH This Week

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Net Framework +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy