Unrated severityNVD Advisory· Published May 15, 2013· Updated Jun 16, 2026
CVE-2013-1337
CVE-2013-1337
Description
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka "Authentication Bypass Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*
- (no CPE)range: =4.5
Patches
Vulnerability mechanics
References
3- www.us-cert.gov/ncas/alerts/TA13-134AnvdThird Party AdvisoryUS Government Resource
- docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-040nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16741nvd
News mentions
0No linked articles in our index yet.