CVE-2013-4177

Name of the Vulnerable Software and Affected Versions Google Authenticator login module versions 6.x-1.x before 6.x-1.2 Google Authenticator login module versions 7.x-1.x before 7.x-1.4

Description The issue is related to the Google Authenticator login module for Drupal, where it fails to properly identify user account names. This could potentially allow remote attackers to bypass the two-factor authentication requirement.

Recommendations For Google Authenticator login module version 6.x-1.x, update to version 6.x-1.2 or later. For Google Authenticator login module version 7.x-1.x, update to version 7.x-1.4 or later.