Mattd

**Name of the Vulnerable Software and Affected Versions** PacketFence versions prior to 3.0.2 **Description** The issue allows remote attackers to bypass authentication. This is possible due to the `check password` function in `html/admin/login.php` allowing an empty password. **Recommendations** For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue. As a temporary workaround, consider disabling the `check password()` function until a patch is available. Restrict access to the `html/admin/login.php` file to minimize the risk of exploitation.