Vulnerabilities > Syracom

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-10	CVE-2024-48941	Unspecified vulnerability in Syracom Secure Login 3.1.1.0 The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. network low complexity syracom	5.4
2024-10-10	CVE-2024-48942	Unspecified vulnerability in Syracom Secure Login 3.1.1.0 The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. network high complexity syracom	5.9
2023-01-11	CVE-2023-22958	Open Redirect vulnerability in Syracom Secure Login The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter. network low complexity syracom CWE-601	6.1

Vulnerabilities > Syracom {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Syracom"}]}