Skip to main content

Linotp

2 CVEs product

Monthly

CVE-2023-49706 MEDIUM This Month

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Linotp Virtual Appliance
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2019-12887 PyPI HIGH PATCH This Week

KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Linotp
NVD
CVSS 3.0
8.1
EPSS
1.2%
EPSS 1% CVSS 6.8
MEDIUM This Month

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Linotp +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Linotp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy