CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-4177

The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.2%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2013-4177

Drupal » Drupal » Version: N/A

cpe:2.3:a:drupal:drupal:-
Google Authenticator Login Project » Ga Login » Version: 6.x-1.0

cpe:2.3:a:google_authenticator_login_project:ga_login:6.x-1.0
Google Authenticator Login Project » Ga Login » Version: 6.x-1.1

cpe:2.3:a:google_authenticator_login_project:ga_login:6.x-1.1
Google Authenticator Login Project » Ga Login » Version: 6.x-1.x

cpe:2.3:a:google_authenticator_login_project:ga_login:6.x-1.x
Google Authenticator Login Project » Ga Login » Version: 7.x-1.0

cpe:2.3:a:google_authenticator_login_project:ga_login:7.x-1.0
Google Authenticator Login Project » Ga Login » Version: 7.x-1.1

cpe:2.3:a:google_authenticator_login_project:ga_login:7.x-1.1
Google Authenticator Login Project » Ga Login » Version: 7.x-1.2

cpe:2.3:a:google_authenticator_login_project:ga_login:7.x-1.2
Google Authenticator Login Project » Ga Login » Version: 7.x-1.3

cpe:2.3:a:google_authenticator_login_project:ga_login:7.x-1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-4177

Products

Pricing

Contact Us