4 matches found
CVE-2025-23017
WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass by enrolling a new authentication factor when the attacker knows the user's password. No exploitation occurred...
CVE-2025-23017
WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass by enrolling a new authentication factor when the attacker knows the user's password. No exploitation occurred...
CVE-2025-23017
WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass by enrolling a new authentication factor when the attacker knows the user's password. No exploitation occurred...
CVE-2025-23017
Vulnerability summary (CVE-2025-23017) : WorkOS Hosted AuthKit before 2025-01-07 is affected. An attacker who knows a user’s password can bypass MFA by enrolling a new authentication factor. The description notes that no exploitation occurred. The practical impact is a password-authentication MFA...