Security Advisory

CVE-2024-48942

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-09 00:00:00

Last updated 2024-10-10 17:31:27

Assigner mitre

State PUBLISHED

Description

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid.

← Browse all CVEs View on cve.org ↗