Описание
The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.
EPSS
Процентиль: 71%
0.00663
Низкий
8.8 High
CVSS3
Дефекты
CWE-302
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.
EPSS
Процентиль: 71%
0.00663
Низкий
8.8 High
CVSS3
Дефекты
CWE-302