Description
Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-0495 | Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address |
 Github GHSA |
GHSA-6x98-fx9j-7c78 | Disabled users able to log in with third party SSO plugin |
References
| Link | Providers |
|---|---|
| https://github.com/mautic/mautic/releases/tag/2.12.0 |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-17T00:42:20.126Z
Reserved: 2018-01-03T00:00:00.000Z
Link: CVE-2017-1000489
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-01-03T17:29:00.197
Modified: 2024-11-21T03:04:51.063
Link: CVE-2017-1000489
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses