This page aggregates publicly disclosed CVE and security risk information related to google_authenticator_login_project, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2013-4178 | The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP). | [email protected] | 5.0 | 0.29% | 2014-05-29 | 2026-05-06 |
| CVE-2013-4177 | The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors. | [email protected] | 5.0 | 1.35% | 2014-05-29 | 2026-05-06 |
| CVE-2013-0258 | The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor authentication is enabled, allows remote attackers to bypass authentication for accounts without an associated Google Authenticator token by logging in with the username. | [email protected] | 6.8 | 0.27% | 2013-03-27 | 2026-04-29 |