Use of Single-factor Authentication

CVE-2024-50618

Medium

4.3/10

Summary

A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the secret in a single-factor authentication scheme gets compromised.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-308 - Use of Single-factor Authentication

The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.

References

Advisory Timeline

Published Feb 11, 2026

Use of Single-factor Authentication

CVE-2024-50618

Summary

CWE-308 - Use of Single-factor Authentication

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS