CVE-2021-23127

Summary

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.

Affected Software

VendorProductVersion RangeStatus
Joomla! ProjectJoomla! CMS3.2.0-3.9.24affected

Weaknesses

  • Insecure Randomness

ADP Enrichment

CVE Program Container

Additional References

References