Shibboleth Authentication Module 7.x-4.0 for Drupal User Bypass Vulnerability

Shibboleth Authentication Module 7.x-4.0 for Drupal User Bypass Vulnerability

CVE-2012-4494 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The Shibboleth authentication module 7.x-4.0 for Drupal does not properly check the active status of users, which allows remote blocked users to access bypass intended access restrictions and possibly have other impacts by logging in.

Learn more about our User Device Pen Test.