Microsoft SharePoint Foundation 2013 WCF/WIF SAML Authentication Bypass Vulnerability (KB4475527)
Severity Level: High Severity
CVSS Base Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Summary: This host is missing an important security
update according to Microsoft KB4475527
Detection Method: Checks if a vulnerable version is present on the target host
Technical Details: An authentication bypass vulnerability exists
in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF),
allowing signing of SAML tokens with arbitrary symmetric keys.
Impact: Successful exploitation will allow an attacker
to bypass the authentication mechanism and gain unauthorized access. This may
lead to further attacks.
Affected Versions: Microsoft SharePoint Foundation 2013 Service Pack 1
Recommendations: The vendor has released updates. Please see the
references for more information.
Solution Type: Vendor Patch
Detection Type: Executable
CVSS Score: 9.3
Family: Windows : Microsoft Bulletins
Creation Time: 2019-07-10 07:24:55
Modification Time: 2019-07-10 14:00:44
NVD CVE ID:
Total Plugins: 66,687
Download Mageni Vulnerability Platform
Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage the vulnerabilities.