CVE-2025-6675
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2025
Last modified:
26/06/2025
Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.8.0, from 5.2.0 before 5.2.1, from 0.0.0 before 5.0.*, from 0.0.0 before 5.1.*.
Impact
Base Score 3.x
4.80
Severity 3.x
MEDIUM