Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2024/10/02 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-7050-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS5.3AI score0.00846EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.18 views

Ubuntu 20.04 LTS / 22.04 LTS : Devise-Two-Factor vulnerabilities (USN-7050-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7050-1 advisory. Benoit Ct-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could...

6CVSS5.9AI score0.00846EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/09/17 6:15 p.m.11 views

CVE-2024-8796

Under the default configuration, Devise-Two-Factor versions = 2.2.0 & 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...

6CVSS5.9AI score0.00641EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/17 5:12 p.m.18 views

CVE-2024-8796 Insufficient Default OTP Shared Secret Length

Under the default configuration, Devise-Two-Factor versions = 2.2.0 & 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...

6CVSS7.1AI score0.00641EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/17 5:12 p.m.50 views

CVE-2024-8796 Insufficient Default OTP Shared Secret Length

Under the default configuration, Devise-Two-Factor versions = 2.2.0 & 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...

6CVSS0.00641EPSS
Exploits0References1
Rows per page
Query Builder