PT-2025-47047

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.1 through 18.3.6 GitLab EE versions 18.4 through 18.4.4 GitLab EE versions 18.5 through 18.5.2 Description A security issue exists in GitLab EE that, under specific conditions, could allow an attacker to remove Duo...

EUVD-2021-13070

Malware in sbrugna...

CVE-2021-26253

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

CVE-2021-26253

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

CVE-2021-26253

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

Code injection

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

CVE-2021-26253

CVE-2021-26253 describes a bypass of Splunk Enterprise’s Duo MFA in versions prior to 8.1.6. The vulnerability affects Splunk Enterprise instances configured to use Duo MFA; it does not impact Duo’s products or services. Connected sources confirm an MFA bypass risk tied to Splunk’s MFA implementa...

CVE-2021-26253 Bypass of Splunk Enterprise's implementation of DUO MFA

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

PT-2022-9720 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.6 Description: A potential issue in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification. This issue impacts Splunk Enterprise instances configured to use DUO MFA and...

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws. "As early as May 2021,...

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication

This is interesting: Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user via OWA. This was unexpected for a few reasons, not least of which was the targeted mailbox was protected by MFA. Logs from the Exchan...