定价企业版

CVE-2024-5658

4.8MEDIUM

The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.

发布于: 6/6/2024更新于: 9/3/2025

在NVD查看在MITRE查看

描述

The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.

AI分析AI驱动

受影响产品

born05two-factor_authentication

参考资料

http://www.openwall.com/lists/oss-security/2024/06/06/2
ExploitMailing ListThird Party Advisory
https://github.com/born05/craft-twofactorauthentication/releases/tag/3.3.4
Release Notes
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use
ExploitThird Party Advisory
https://plugins.craftcms.com/two-factor-authentication?craft4
Product
http://www.openwall.com/lists/oss-security/2024/06/06/2
ExploitMailing ListThird Party Advisory
https://github.com/born05/craft-twofactorauthentication/releases/tag/3.3.4
Release Notes
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use
ExploitThird Party Advisory
https://plugins.craftcms.com/two-factor-authentication?craft4
Product