Mageni Security Scanner Plugin

We can help you to find and fix this vulnerability for free.

Microsoft SharePoint Foundation 2013 WCF/WIF SAML Authentication Bypass Vulnerability (KB4475527)

  • Severity Level:
    High Severity
  • CVSS Base Vector:
    AV:N/AC:M/Au:N/C:C/I:C/A:C

  • Summary:
    This host is missing an important security update according to Microsoft KB4475527

  • Detection Method:
    Checks if a vulnerable version is present on the target host

  • Technical Details:
    An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.

  • Impact:
    Successful exploitation will allow an attacker to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks.

  • Affected Versions:
    Microsoft SharePoint Foundation 2013 Service Pack 1

  • Recommendations:
    The vendor has released updates. Please see the references for more information.

  • Solution Type:
    Vendor Patch

  • Detection Type:
    Executable

  • CVSS Score:
    9.3
  • Family:
    Windows : Microsoft Bulletins
  • Creation Time:
    2019-07-10 07:24:55
  • Modification Time:
    2019-07-10 14:00:44
  • NVD CVE ID:
    CVE-2019-1006
  • BID:
    108978
  • Keyword Search

    Search CVEs, Products and Vendors.

    Plugin Statistics

    Total Plugins: 66,687

    Download Mageni Vulnerability Platform

    Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage the vulnerabilities.