Security Advisory

CVE-2024-12838

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-31 01:24:48

Last updated 2024-12-31 15:56:46

Assigner twcert

State PUBLISHED

Description

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.

← Browse all CVEs View on cve.org ↗