Operational Defect Database
BugZero found this defect 1420 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000borkSAA
Active Directory users can bypass MFA when the UPN is changed
Last update date:
6/29/2020
Affected products:
AuthPoint
Affected releases:
All
AuthPoint
Fixed releases:
All
Description:
Issue
Active Directory users with a unique user principal name (UPN) that you changed to match their email address can use the old UPN to log in without MFA. Users must still type their user name and password.This issue only occurs when the user logs in with the old UPN. When the user logs in with the updated UPN, MFA is required.This issue is not related to the agent for Windows and occurs whether or not the agent for Windows is installed. Users affected by this issue can successfully log in to their computers.
Workaround/Solution
No workaround exists at this time.
