Unrated severityNVD Advisory· Published May 13, 2019· Updated Aug 4, 2024
CVE-2019-7218
CVE-2019-7218
Description
Citrix ShareFile before 19.23 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim's otp physical token or virtual app (like google authenticator) is able to bypass the first authentication phase (username/password mechanism) and log-in using username/otp combination only (phase 2 of 2FA).
Affected products
2- Citrix/ShareFiledescription
- Range: <19.23
Patches
Vulnerability mechanics
References
1- www.sk-it.com/en/cve.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.