Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Duo Security Vulnerabilities

cve
cve

CVE-2020-3442

The DuoConnect client enables users to establish SSH connections to hosts protected by a DNG instance. When a user initiates an SSH connection to a DNG-protected host for the first time using DuoConnect, the user’s browser is opened to a login screen in order to complete authentication determined b...

5.7CVSS

5.7AI Score

0.001EPSS

2020-07-20 09:15 PM
27
cve
cve

CVE-2021-1492

The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authenticatio...

7.1CVSS

6.9AI Score

0.0004EPSS

2021-03-25 03:15 PM
26
5
cve
cve

CVE-2023-20207

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vu...

6.5CVSS

6.3AI Score

0.001EPSS

2023-07-12 02:15 PM
12