Administrators can now regenerate QR code for a specific user, which can be used to configure the two-factor authentication again.
Administrators cannot regenerate a QR code to reset the two-factor authentication. The existing resend QR code functionality which has been sending the same code for two-factor authentication is now enhanced with the 'Regenerate QR Code' capability to help administrators with reconfiguring the two-factor authentication.
This has been fixed in Endpoint Central version 10.1.2228.13 on 13.12.2022. To apply this fix, follow the steps below:
Once done, you can now regenerate QR code by navigating to Admin > User Administration > Users > Regenerate QR Code in product console.
This vulnerability is not applicable to Endpoint Central Cloud.
Luke Williams via Endpoint Central's Bug Bounty Program.
For further assistance, please reach out to our support at endpointcentral-support@manageengine.com