CVE-2024-11209 | Apereo CAS 6.6 2FA /login?service improper authentication

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authentication.

This vulnerability is uniquely identified as CVE-2024-11209. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-11209 | Apereo CAS 6.6 2FA /login?service improper authentication

Related Posts

CVE-2024-8102 | Ultimate Toolkit Plugin up to 3.0.8 on WordPress Options Update improper authorization

CVE-2023-5673 | WP Mail Log Plugin up to 1.1.2 on WordPress File Extension unrestricted upload

CVE-2024-39739 | IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 server-side request forgery (XFDB-296008)

CVE-2024-1092 | Feedzy RSS Aggregator Plugin up to 4.4.1 on WordPress authorization