Unrated severityNVD Advisory· Published May 15, 2013· Updated Apr 29, 2026

CVE-2013-1337

Description

Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka "Authentication Bypass Vulnerability."

Affected products

Microsoft/.net Framework
cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/ncas/alerts/TA13-134AnvdThird Party AdvisoryUS Government Resource
docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-040nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16741nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000