Security Advisory

CVE-2022-35248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-23 18:28:12

Last updated 2024-08-03 09:29:17

Assigner hackerone

State PUBLISHED

Description

A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login.

← Browse all CVEs View on cve.org ↗