Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-42959 | 2025-07-08 | N/A | 8.1 HIGH | ||
| An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability. | |||||
| CVE-2023-49075 | 1 Pimcore | 1 Admin Classic Bundle | 2023-12-04 | N/A | 7.2 HIGH |
| The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authentication for all non-admin security firewalls. An authenticated user can access the system without having to provide the two factor credentials. This issue has been patched in version 1.2.2. | |||||
| CVE-2023-34228 | 1 Jetbrains | 1 Teamcity | 2023-06-07 | N/A | 6.5 MEDIUM |
| In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions | |||||