5 matches found
CVE-2024-13239
Weak Authentication vulnerability in Drupal Two-factor Authentication TFA allows Authentication Abuse.This issue affects Two-factor Authentication TFA: from 0.0.0 before 1.5.0...
CVE-2024-13239
creationtimestamp| type| source ---|---|--- 2025-01-09 18:44:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113799874404488763 2025-01-09 19:15:38+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdfau52es2l 2025-01-10 18:04:29+00:00| seen|...
CVE-2024-13239 Two-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2024-003
Weak Authentication vulnerability in Drupal Two-factor Authentication TFA allows Authentication Abuse.This issue affects Two-factor Authentication TFA: from 0.0.0 before 1.5.0...
CVE-2024-13239 Two-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2024-003
Weak Authentication vulnerability in Drupal Two-factor Authentication TFA allows Authentication Abuse.This issue affects Two-factor Authentication TFA: from 0.0.0 before 1.5.0...
CVE-2024-13239
CVE-2024-13239 affects the Drupal Two-factor Authentication (TFA) module. The vulnerability arises from a weak authentication mechanism in TFA that enables authentication abuse and bypass of access controls. Affected are TFA versions from 0.0.0 up to but not including 1.5.0. The underlying root c...