virus logo Intrusion Prevention

DotNetNuke.Form.Authentication.Bypass

description-logoDescription

This indicates an attack attempt against a Authentication Bypass vulnerability in DotNetNuke.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application allowing an attacker to escalate their privileges to the security context of the user they are targeting. As a result, an attacker may be able to execute arbitrary code within the security context of the targeted user

affected-products-logoAffected Products

Above DotNetNuke 6.0.0

Impact logoImpact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for suggested workaround.
http://www.dotnetnuke.com/Resources/Blogs/EntryId/2798/ASP-NET-Security-Vulnerability-workaround-for-DotNetNuke-sites.aspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 31075
Created Feb 29, 2012
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App Other