Lucene search
GoogleOSV:CVE-2021-38299HistorySep 27, 2021 - 6:15 a.m.
CVE-2021-38299
2021-09-2706:15:07
Google
osv.dev
4
Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user’s system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence.
| CPE | Name | Operator | Version |
|---|---|---|---|
| webauthn-framework | eq | 3.3.2 | |
| webauthn-framework | eq | 3.3.1 | |
| webauthn-framework | eq | 3.3.3 | |
| webauthn-framework | eq | 3.3.0 |
Related
prion
prion
Design/Logic Flaw
2021-09-27 06:15:00
cvelist
cvelist
CVE-2021-38299
2021-09-27 05:55:51
veracode
veracode
Insecure Access Control
2021-09-28 05:08:52
nextcloud
nextcloud
Missing User Presence Check in Nextcloud WebAuthn login
2021-10-25 11:02:44
cve
cve
CVE-2021-38299
2021-09-27 06:15:07
osv
osv
Improper Access Control in Webauthn Framework
2021-09-29 17:16:07
nvd
nvd
CVE-2021-38299
2021-09-27 06:15:07
github
github
Improper Access Control in Webauthn Framework
2021-09-29 17:16:07