CVE-2019-1006
HIGH.NET Framework - Authentication Bypass via SAML Token Arbitrary Symmetric Key Signing
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2019-1006. PoCs published by 521526.
AI-analyzed exploit summary This repository contains a Python script that checks for the presence of CVE-2019-1006 by verifying the version of the MsRdpClientShell.ActiveX control on an RDG Gateway server. It does not exploit the vulnerability but scans for it by analyzing the server's response.
Description
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
Exploits (1)
This repository contains a Python script that checks for the presence of CVE-2019-1006 by verifying the version of the MsRdpClientShell.ActiveX control on an RDG Gateway server. It does not exploit the vulnerability but scans for it by analyzing the server's response.
References (1)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N