Published: 15/07/2019 Updated: 19/07/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

Vulnerability Trend

Recent Articles

Microsoft Patch Tuesday – July 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 10 Jul 2020

This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.

Posted: 10 Jul, 201922 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – July 2019This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still mainta...

Microsoft Releases July 2019 Office Updates With Security Fixes
BleepingComputer • Sergiu Gatlan • 09 Jul 2019

Microsoft released the July 2019 Office Updates today that bundle 20 security updates and 5 cumulative updates. Seeing that some of the Microsoft Office security updates issued today also resolve critical vulnerabilities, it is strongly advised to install them as soon as possible.
Out of the 20 Office security updates released by Microsoft today, six of them fix remote code execution vulnerabilities (CVE-2019-1110 and CVE-2019-1111) within Office 2016, Office 2013, Office 2010, Excel 20...