Lucene search
K

30 matches found

NVD
NVD
added 2026/06/16 12:16 p.m.10 views

CVE-2026-12225

syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containi...

8.7CVSS0.00481EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/16 11:20 a.m.6 views

EUVD-2026-37066

syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containi...

8.7CVSS5.5AI score0.00481EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/16 11:20 a.m.30 views

CVE-2026-12225 syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent

syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containi...

8.7CVSS0.00481EPSS
Exploits0References4
CVE
CVE
added 2026/06/16 11:20 a.m.30 views

CVE-2026-12225

CVE-2026-12225 affects syracom Secure Login (2FA) for Atlassian Jira, Confluence and Bitbucket (v3.4.0.x). The vulnerability enables an authentication bypass: an attacker with valid credentials can bypass 2FA by sending requests with a crafted User-Agent (e.g., AtlassianMobileApp, JIRA), allowing...

8.7CVSS5.6AI score0.00481EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49655

Name of the Vulnerable Software and Affected Versions syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket versions 3.4.0.x Description An authentication bypass exists where an attacker with valid user credentials can circumvent the two-factor authentication 2FA flow. By...

8.7CVSS6AI score0.00481EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-27059

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00448EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.10 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

9.1CVSS5.8AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.7 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

9.1CVSS7.2AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:16 a.m.2 views

CVE-2023-22958

The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter...

6.1CVSS6.9AI score0.00448EPSS
Exploits1References1
OSV
OSV
added 2024/10/10 12:15 a.m.4 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

5.4CVSS5.8AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2024/10/10 12:15 a.m.4 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

5.9CVSS5.8AI score0.00453EPSS
Exploits0References1
NVD
NVD
added 2024/10/10 12:15 a.m.10 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

9.1CVSS0.00336EPSS
Exploits0References1
NVD
NVD
added 2024/10/10 12:15 a.m.14 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

9.1CVSS0.00453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 12:0 a.m.15 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

7.1AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.7 views

Syracom Secure Login 安全漏洞

Syracom Secure Login is a secure login plugin from Syracom. A security vulnerability exists in Syracom Secure Login that stems from a secondary authentication that can be bypassed by interacting with the /rest endpoint...

9.1CVSS7AI score0.00336EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/09 12:0 a.m.9 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

7.1AI score0.00453EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

Syracom Secure Login 安全漏洞

Syracom Secure Login is a secure login plugin from Syracom. A security vulnerability exists in Syracom Secure Login that originates from a brute-force breaking of a secondary authentication PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint...

9.1CVSS7AI score0.00453EPSS
Exploits0References2
CVE
CVE
added 2024/10/09 12:0 a.m.46 views

CVE-2024-48941

The CVE-2024-48941 entry concerns the Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket (affected version family up to 3.1.4.5). The root issue is a 2FA bypass achieved by interacting with the /rest endpoint; in default configurations, /rest is allowlisted, enabling potential by...

9.1CVSS7.1AI score0.00336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/09 12:0 a.m.18 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

0.00453EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/09 12:0 a.m.14 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

0.00336EPSS
Exploits0References1
Rows per page
Query Builder