Duo Authentication Proxy — known CVE vulnerabilities
Every CVE whose affected-product data names Duo Authentication Proxy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-1492 — CVSS 6.6 (medium): The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local…
CVE-2023-20207 — CVSS 4.9 (medium): A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive…