CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-48941

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.3%

CVSS Severity

CVSS v3 Score 5.4

References

https://syracom-bee.atlassian.net/wiki/spaces/SL/pages/3236560898/2024-09-16+-+Secure+Login+security+advisory+-+Insecure+default+configuration

Products affected by CVE-2024-48941

Syracom » Secure Login » Version: Any

cpe:2.3:a:syracom:secure_login:*
Syracom » Secure Login » Version: N/A

cpe:2.3:a:syracom:secure_login:-
Syracom » Secure Login » Version: 3.1.1.0

cpe:2.3:a:syracom:secure_login:3.1.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-48941

Products

Pricing

Contact Us