Description
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
Remediation
References
Related Vulnerabilities
OpenSSL Resource Management Errors Vulnerability (CVE-2008-1678)
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
Mailman Other Vulnerability (CVE-2005-0202)
Sqlite Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-19646)
OpenSSL Improper Input Validation Vulnerability (CVE-2010-0433)