Home

Description

Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.

PUBLISHED Reserved 2025-01-09 | Published 2025-01-09 | Updated 2025-01-30 | Assigner drupal

Problem types

CWE-287 Improper Authentication

Product status

Default status
unaffected

2.0.0 (semver) before 2.1.1
affected

Credits

e5sego finder

e5sego remediation developer

Sang Lostrie remediation developer

Ivo Van Geertruyen coordinator

Greg Knaddison coordinator

Benji Fisher coordinator

References

www.drupal.org/sa-contrib-2024-073

cve.org (CVE-2024-13309)

nvd.nist.gov (CVE-2024-13309)

Download JSON