CVE-2024-48941

Published: 2024-10-10T00:15Z

Last Modified: 2024-10-11T21:36Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt