CVE-2014-7828#

CVE-2014-7828#

Summary#

This vulnerability allows users with enabled OTP token to authenticate using only the second factor.

Affected Versions#

4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4 and 4.1.0

Impact#

Moderate

Fixed in Versions#

4.0.5, 4.1.1

Manual Instructions#

Disable OTP authentication for the users.

More Information#

For more information see