exploitDog

CVE-2025-7030

Опубликовано: 08 июл. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.11.0.

Ссылки

https://www.drupal.org/sa-contrib-2025-085
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:two-factor_authentication_project:two-factor_authentication:*:*:*:*:*:drupal:*:*

Версия до 8.x-1.11 (исключая)

EPSS

Процентиль: 23%

0.00075

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-267

Связанные уязвимости

GHSA-93j9-6whq-hmr3

CVSS3: 6.5

github

7 месяцев назад

Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.11.0.

EPSS

Процентиль: 23%

0.00075

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-267