PT-2024-17757 · Cgfido · Cgfido

周詳 · Published 2024-12-31 · Updated 2025-01-05 · CVE-2024-12838

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

CGFIDO (affected versions not specified)

Description

The passwordless login mechanism in CGFIDO has an Authentication Bypass issue, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators. This enables attackers to compromise security protocols.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2024-12838

Affected Products

Cgfido