Skip to main content

Email Otp Authenticator

1 CVEs product

Monthly

CVE-2024-0391 MEDIUM PATCH This Month

The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wso2 Identity Server Wso2 Open Banking Iam Wso2 Identity Server As Key Manager Email Otp Authenticator +1
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wso2 Identity Server Wso2 Open Banking Iam +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy