CVE-2022-23724

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue involves the use of static encryption key material, which allows for the forging of an authentication token to other users within a tenant organization. This can lead to the bypassing of Multi-Factor Authentication (MFA) by redirecting an authentication flow to a target user. To exploit this issue, an attacker must have already compromised user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.