CVE-2020-27178

🗓️ 16 Oct 2020 16:11:15Reported by [email protected]Type

Apereo CAS mishandles secret keys with Google Authenticator for multifactor authenticatio

Reporter	Title	Published	Views	Family All 7
OSV	Improper Authentication in Apereo CAS	2 Aug 202116:47	–	osv
OSV	CVE-2020-27178	16 Oct 202016:15	–	osv
Veracode	Information Disclosure	19 Oct 202007:36	–	veracode
Github Security Blog	Improper Authentication in Apereo CAS	2 Aug 202116:47	–	github
Prion	Authentication flaw	16 Oct 202016:15	–	prion
Cvelist	CVE-2020-27178	16 Oct 202015:22	–	cvelist
CVE	CVE-2020-27178	16 Oct 202016:15	–	cve

Nvd

Node

apereo central_authentication_serviceRange5.3.0–5.3.16

apereo central_authentication_serviceRange6.0.0–6.1.7.2

apereo central_authentication_serviceRange6.2.0–6.2.4

apereo central_authentication_serviceMatch6.3.0rc1

apereo central_authentication_serviceMatch6.3.0rc2

apereo central_authentication_serviceMatch6.3.0rc3

Source	Link
apereo	www.apereo.github.io/2020/10/14/gauthvuln/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Oct 2020 16:15Current

CVSS25

CVSS37.5

EPSS0.00225