- Description
- The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.
- Source
- twcert@cert.org.tw
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- twcert@cert.org.tw
- CWE-302
- Hype score
- Not currently trending
CVE-2024-12838 (CVSS:8.8, HIGH) is Awaiting Analysis. The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerabili..https://t.co/tnZxjb13BJ #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
5 Jan 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12838 The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular pri… https://t.co/sLY03NWFD6
@CVEnew
31 Dec 2024
380 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12838 Authentication Bypass in CGFIDO Allows User Identity Spoofing CGFIDO from Changing Information Technology has an Authentication Bypass flaw. This flaw is in the passwordless login system. It lets r... https://t.co/3ZcmGmaxjJ
@VulmonFeeds
31 Dec 2024
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-12838: HIGH] CGFIDO by Changing Information Technology has an Authentication Bypass vulnerability, enabling attackers to switch to any user's identity, compromising security protocols.#cybersecurity,#vulnerability https://t.co/5YJODFQn5Y https://t.co/2Q7ydMETfq
@CveFindCom
31 Dec 2024
42 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes