Описание
WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attacker knows the user's password. No exploitation occurred.
EPSS
Процентиль: 23%
0.00079
Низкий
6 Medium
CVSS3
Дефекты
CWE-305
Связанные уязвимости
CVSS3: 6
github
12 месяцев назад
WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attacker knows the user's password. No exploitation occurred.
EPSS
Процентиль: 23%
0.00079
Низкий
6 Medium
CVSS3
Дефекты
CWE-305