Lucene search

CVE-2024-5657

🗓️ 06 Jun 2024 11:49:15Reported by 1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4aType

CraftCMS plugin Two-Factor Authentication discloses password hash

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2024-5657	6 Jun 202411:15	–	cve
Github Security Blog	Password hash exposed in CraftCMS two factor authentication plugin	6 Jun 202412:30	–	github
OSV	CVE-2024-5657	6 Jun 202411:15	–	osv
OSV	GHSA-3P4X-GRPM-XW58 Password hash exposed in CraftCMS two factor authentication plugin	6 Jun 202412:30	–	osv
Vulnrichment	CVE-2024-5657 CraftCMS Plugin - Two-Factor Authentication - Password Hash Disclosure	6 Jun 202410:29	–	vulnrichment
Veracode	Password Hash Disclosure	11 Jun 202406:05	–	veracode
Cvelist	CVE-2024-5657 CraftCMS Plugin - Two-Factor Authentication - Password Hash Disclosure	6 Jun 202410:29	–	cvelist

Nvd

Node

born05 two-factor_authenticationRange3.3.1–3.3.4craftcms

Source	Link
plugins	www.plugins.craftcms.com/two-factor-authentication
github	www.github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure
github	www.github.com/born05/craft-twofactorauthentication/releases/tag/3.3.4
openwall	www.openwall.com/lists/oss-security/2024/06/06/1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 11:15Current

4.2Medium risk

Vulners AI Score4.2

CVSS38.1

EPSS0.00069

CWE-522