Vulnerabilities > Apereo > Central Authentication Service > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-14 | CVE-2024-11209 | Improper Authentication vulnerability in Apereo Central Authentication Service 6.6.0 A vulnerability was found in Apereo CAS 6.6. | 9.8 |
| 2023-11-09 | CVE-2023-4612 | Improper Authentication vulnerability in Apereo Central Authentication Service Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. | 9.8 |