CVE-2019-1006

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows; Windows Server; Microsoft Sharepoint Foundation; Microsoft .net Framework 4.5.2
Vendor: CVE Published:; 15 July 2019

Badges

👾 Exploit Exists🟡 Public PoC

Summary

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

Affected Version(s)

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-1006
Created by 521526

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

EPSS Score

0% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Mar 26, 2023
👾
Exploit known to exist
Mar 26, 2023
Vulnerability published
Jul 15, 2019
Vulnerability Reserved
Nov 26, 2018

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)