Lucene search

CVE-2024-39891

🗓️ 02 Jul 2024 18:03:15Reported by [email protected]Type

Twilio Authy API unauthenticated endpoint exposes phone-number dat

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2024-39891	2 Jul 202400:00	–	vulnrichment
CVE	CVE-2024-39891	2 Jul 202418:15	–	cve
Cvelist	CVE-2024-39891	2 Jul 202400:00	–	cvelist
AttackerKB	CVE-2024-39891	2 Jul 202400:00	–	attackerkb
CISA KEV Catalog	Twilio Authy Information Disclosure Vulnerability	23 Jul 202400:00	–	cisa_kev
CISA	CISA Adds Two Known Exploited Vulnerabilities to Catalog	23 Jul 202412:00	–	cisa
The Hacker News	CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List	24 Jul 202405:56	–	thn

Nvd

Node

twilio authyRange<26.1.0iphone_os

twilio authy_authenticatorRange<25.1.0android

Source	Link
twilio	www.twilio.com/docs/usage/security/reporting-vulnerabilities
twilio	www.twilio.com/en-us/changelog
bleepingcomputer	www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/
cwe	www.cwe.mitre.org/data/definitions/203.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jul 2024 18:15Current

CVSS35.3

EPSS0.19957

CWE-203