Yearly Archives: 2015

42 posts

A bug in policy module prevents authenticating with serial number in 2.6

A bug in the policy module prevents authenticating with a serial number. Affected version: privacyIDEA 2.6 Propability: High Security Severity: Low Technical Background privacyIDEA allows to authenticate with a username or a token serial number. I.e. the API can do a POST /validate/check user=username pass=PIN+OTP or a POST /validate/check serial=serialnumber […]