#VU97989 Session Fixation in Two-factor Authentication (TFA)

Cybersecurity Help s.r.o.

Published: 2024-10-03

Vulnerability identifier: #VU97989

Vulnerability risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: N/A

CWE-ID: CWE-384

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Two-factor Authentication (TFA)
Web applications / Modules and components for CMS

Vendor: coltrane

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected module does not sufficiently migrate sessions before prompting for a second factor token. A remote attacker can gain access to the target application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Two-factor Authentication (TFA): before 7.x-2.4

External links
https://www.drupal.org/sa-contrib-2024-043

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Session Fixation in Two-factor Authentication (TFA) module for Drupal