Description
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
Remediation
References
Related Vulnerabilities
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2019-15635)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)
Zope Web Application Server Other Vulnerability (CVE-2001-1227)
Drupal Core 8.x.x Arbitrary File Overwrite (8.0.0 - 8.7.14)
MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468)