PT-2026-26962 · Alinto · Sogo
Published
2026-03-22
·
Updated
2026-03-22
·
CVE-2026-33550
CVSS v3.1
2.0
Low
| AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N |
SOGo before 5.12.5 does not renew the OTP if a user disables/enables it, and has a too short length (only 12 digits instead of the 20 recommended).
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sogo