ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `Lockout Policy` with a maximum amount of failed password check attempts, there was no such mechanism for (T)OTP checks. This issue has been patched in version 2.50.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-04-25T23:53:37.235Z
Updated: 2024-08-05T16:54:00.249Z
Reserved: 2024-04-19T14:07:11.229Z
Link: CVE-2024-32868
Vulnrichment
Updated: 2024-08-02T02:20:35.643Z
NVD
Status : Awaiting Analysis
Published: 2024-04-26T00:15:08.753
Modified: 2024-11-21T09:15:53.900
Link: CVE-2024-32868
Redhat
No data.