Apereo CAS 5.3.x prior to 5.3.16, 6.x prior to 6.1.7.2, 6.2.x prior to 6.2.4, and 6.3.x prior to 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apereo central authentication service |
||
apereo central authentication service 6.3.0 |