Bypassing Google Authenticator Login Vulnerability
CVE-2013-0258 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor authentication is enabled, allows remote attackers to bypass authentication for accounts without an associated Google Authenticator token by logging in with the username.
Learn more about our User Device Pen Test.