CVE-2019-1006 - Microsoft Sharepoint Server, Microsoft Sharepoint Enterprise Server and Microsoft .net Framework
Critical 7.5
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
Affected software
Microsoft Sharepoint Server
Microsoft Sharepoint Enterprise Server
Microsoft .net Framework
Microsoft Windows Server 2019
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 10
Microsoft Identitymodel
Microsoft Windows 8.1
Microsoft Windows Server 2016
Microsoft Windows Rt 8.1
Microsoft Sharepoint Foundation