{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "2.0-sp2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.0-sp2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.7.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.5.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.5.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.6.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.7" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.7.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.7.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "2013-sp1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "2016" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "2010-sp2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "2013-sp1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "2019" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1607" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1703" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1709" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1803" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1809" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1903" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "r2-sp1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "r2-sp1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "r2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1803" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "1903" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "7.0.0" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "b54b188c1804d4dcebb09a8be3a67916abd94fd7" } ], "repo": "https://github.com/powershell/powershell", "type": "GIT" } ] } ], "details": "An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.", "id": "CVE-2019-1006", "modified": "2026-03-13T21:46:52.454260381Z", "published": "2019-07-15T19:15:16.390Z", "references": [ { "type": "FIX", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }