Vulnerabilities > Empowerid

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-11	CVE-2023-40260	Improper Authentication vulnerability in Empowerid 7.205.0.0 EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication) requirement if the first factor (username and password) is known, because the first factor is sufficient to change an account's email address, and the product would then send MFA codes to the new email address (which may be attacker-controlled). network low complexity empowerid CWE-287 critical	9.1
2023-08-06	CVE-2023-4177	Insufficient Verification of Data Authenticity vulnerability in Empowerid 7.205.0.0 A vulnerability was found in EmpowerID up to 7.205.0.0. low complexity empowerid CWE-345	5.7

Vulnerabilities > Empowerid {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Empowerid"}]}