Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.11 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

9.1CVSS5.8AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.7 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

9.1CVSS7.2AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2024/10/10 12:15 a.m.5 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

5.4CVSS5.8AI score0.00336EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/09 12:0 a.m.6 views

PT-2024-33288 · Atlassian +1 · Confluence +3

Name of the Vulnerable Software and Affected Versions: Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket versions 3.1.4.5 and earlier Description: The issue allows remote attackers to easily brute-force the 2FA PIN via the "plugins/servlet/twofactor/public/pinvalidation" endpoin...

9.1CVSS6.7AI score0.00453EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.4 views

savignano S/Notify 安全漏洞

savignano S/Notify is savignano's most versatile email encryption solution for Jira, Confluence and Bitbucket. A security vulnerability exists in savignano S/Notify versions prior to 2.0.1 that stems from the presence of a cross-site request forgery vulnerability that allows an attacker to replac...

5.2CVSS6.7AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.5 views

savignano S/Notify Security Vulnerabilities

savignano S/Notify is savignano's most versatile email encryption solution for Jira, Confluence and Bitbucket. A security vulnerability exists in savignano S/Notify versions prior to 2.0.1 that originates from a configuration setting that can be modified via a cross-site request forgery CSRF...

8.3CVSS6.7AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.6 views

savignano S/Notify Security Vulnerabilities

savignano S/Notify is savignano's most versatile email encryption solution for Jira, Confluence and Bitbucket. A security vulnerability exists in savignano S/Notify versions prior to 4.0.2 that originates from a configuration setting that can be modified via a cross-site request forgery CSRF...

8.3CVSS6.7AI score0.00193EPSS
Exploits0References2
Rows per page
Query Builder