CNNVD-202507-1191 Information

CNNVD ID

CNNVD-202507-1191

Related CVE

CVE-2025-7030

• CNNVD Published: 2025-07-08

Description (Chinese)

Drupal Two-factor Authentication是Drupal社区的一个模块。 Drupal Two-factor Authentication 1.11.0之前版本存在安全漏洞，该漏洞源于权限定义不当，可能导致访问控制不当。

Description (English)

Drupal Two-factor Association is a module of the Drupal community. There was a security loophole in the pre-Drupal Two-factor System 1.11.0, which stemmed from an inappropriate definition of privileges, which could lead to inappropriate access controls.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-07-08

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-085 https://vigilance.fr/vulnerability/Drupal-Two-factor-Authentication-TFA-user-access-via-Recovery-Codes-47588

Patch

https://www.drupal.org/sa-contrib-2025-085