Количество 2
Количество 2
CVE-2023-49075
The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authentication for all non-admin security firewalls. An authenticated user can access the system without having to provide the two factor credentials. This issue has been patched in version 1.2.2.
GHSA-9wwg-r3c7-4vfg
Pimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-49075 The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authentication for all non-admin security firewalls. An authenticated user can access the system without having to provide the two factor credentials. This issue has been patched in version 1.2.2. | CVSS3: 8.4 | 0% Низкий | около 2 лет назад |
| GHSA-9wwg-r3c7-4vfg Pimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls | CVSS3: 8.4 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу