Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Miniorange_2fa | Miniorange | 5.0.0 (including) | 5.2.0 (excluding) |
Miniorange_2fa | Miniorange | 7.x-2.16 (including) | 8.x-4.7 (excluding) |