CNNVD-202506-3309 Information

CNNVD ID

CNNVD-202506-3309

Related CVE

CVE-2025-6675

• CNNVD Published: 2025-06-26

Description (Chinese)

Drupal Enterprise MFA - TFA for Drupal是Drupal社区的一个Drupal内容管理系统中的模块插件。 Drupal Enterprise MFA - TFA for Drupal 4.8.0之前版本、5.2.1之前版本、5.0.*之前版本和5.1.*之前版本存在安全漏洞，该漏洞源于身份验证绕过。

Description (English)

Drupal Enterprise MFA-TFA for Drupal is a modular plugin in a Drupal content management system in the Drupal community. There is a security loophole in the Drupal Enterprise MFA-TFA for Drupal 4.8.0, in the previous 5.2.1 version, in the previous version of 5.0* and in the previous version of 5.1.*, which stems from the circumvention of the identity.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-06-26

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-082

Patch

https://www.drupal.org/sa-contrib-2025-082