Discourse up to 2.7.0 beta1 2FA improper authentication

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Discourse up to 2.7.0 beta1. It has been rated as critical. This issue affects an unknown part of the component 2FA Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082703601/14/2021VulD...price_0day$0-$5ksee documentation01/14/2021accepted90
1082703501/14/2021VulD...cvss3_meta_tempscore6.3see documentation01/14/2021accepted90
1082703401/14/2021VulD...cvss3_meta_basescore6.3see documentation01/14/2021accepted90
1082703301/14/2021VulD...cvss3_vuldb_tempscore6.301/14/2021accepted90
1082703201/14/2021VulD...cvss3_vuldb_basescore6.301/14/2021accepted90
1082703101/14/2021VulD...cvss2_vuldb_tempscore5.801/14/2021accepted90
1082703001/14/2021VulD...cvss2_vuldb_basescore5.801/14/2021accepted90
1082702901/14/2021VulD...cvss3_vuldb_rcXderived from historical data01/14/2021accepted80
1082702801/14/2021VulD...cvss3_vuldb_rlXderived from historical data01/14/2021accepted80
1082702701/14/2021VulD...cvss3_vuldb_eXderived from historical data01/14/2021accepted80
1082702601/14/2021VulD...cvss3_vuldb_sUderived from historical data01/14/2021accepted80
1082702501/14/2021VulD...cvss3_vuldb_uiNderived from historical data01/14/2021accepted80
1082702401/14/2021VulD...cvss3_vuldb_avAderived from historical data01/14/2021accepted80
1082702301/14/2021VulD...cvss2_vuldb_rcNDderived from historical data01/14/2021accepted80
1082702201/14/2021VulD...cvss2_vuldb_rlNDderived from historical data01/14/2021accepted80
1082702101/14/2021VulD...cvss2_vuldb_eNDderived from historical data01/14/2021accepted80
1082702001/14/2021VulD...cvss2_vuldb_avAderived from historical data01/14/2021accepted80
1082701901/14/2021VulD...cvss2_vuldb_aiPderived from vuldb v3 vector01/14/2021accepted80
1082701801/14/2021VulD...cvss2_vuldb_iiPderived from vuldb v3 vector01/14/2021accepted80
1082701701/14/2021VulD...cvss2_vuldb_ciPderived from vuldb v3 vector01/14/2021accepted80

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!