Syracom Secure_login
3 CVEs affecting Syracom Secure_login. Latest disclosed: 2024-10-10. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-22958 | Medium | 6.1 | 2023-01-11 | The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target… |
CVE-2024-48942 | Medium | 5.9 | 2024-10-10 | The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plu… |
CVE-2024-48941 | Medium | 5.4 | 2024-10-10 | The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest e… |