Skip to content
CVSS 10.0CVSS 10.0 · CRITICAL

CVE-2026-54782

CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and SAML 2.0 token validation does not correctly resolve the issuer signing key or require signed tokens when IdentityConfiguration is used with federated bindings, allowing an unauthenticated remote attacker to impersonate any principal the trusted STS could issue. This issue is fixed in versions 1.8.1 and 1.9.1.

Ver en NVD

Análisis

CoreWCF presenta una vulnerabilidad critica en la validacion de tokens SAML 1.1 y 2.0 que permite a un atacante remoto no autenticado suplantar cualquier identidad. El fallo ocurre al usar IdentityConfiguration con enlaces federados, facilitando el bypass total de la autenticacion en servicios backend construidos con .NET Core. Es imperativo actualizar inmediatamente a las versiones 1.8.1 o 1.9.1 para corregir este error de severidad maxima.

Roles relevantes

BackendCyberSecurityCloudWindowsLinux

Severidad

Puntaje: 10.0(CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: HIGH
A: NONE
Tipo de falla (CWE): CWE-290CWE-347

EPSS

Sin puntaje EPSS aún (CVE muy reciente).

Descripción técnica

CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and SAML 2.0 token validation does not correctly resolve the issuer signing key or require signed tokens when IdentityConfiguration is used with federated bindings, allowing an unauthenticated remote attacker to impersonate any principal the trusted STS could issue. This issue is fixed in versions 1.8.1 and 1.9.1.

Publicada: 8/7/2026, 23:16:56
Última modificación: 8/7/2026, 23:16:56

Referencias

InicioEventosBlogRecursosEquipo