Security Advisory

CVE-2023-44039

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-03 00:00:00

Last updated 2024-08-21 20:39:03

Assigner mitre

State PUBLISHED

Description

In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can pass enrollment verifications and is allowed to enroll a FIDO key) to register their FIDO authenticator to a victim’s account and consequently take over the account.

← Browse all CVEs View on cve.org ↗