CVSS: 7.5EPSS: 94%CPEs: 1EXPL: 1CVE-2024-6893 – Journyx Unauthenticated XML External Entities Injection
https://notcve.org/view.php?id=CVE-2024-6893
The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources. El controlador API "soap_cgi.pyc" permite que el cuerpo XML de las solicitudes SOAP contenga referencias a entidades externas. Esto permite que un atacante no autenticado lea archivos locales, falsifique solicitudes del lado del servidor y abrume los recursos del servidor web. Journyx version 11.5.4 has an issue where the soap_cgi.pyc API handler allows the XML body of SOAP requests to contain references to external entities. • https://github.com/codeb0ss/CVE-2024-6893-PoC https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6892 – Journyx Reflected Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-6892
Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application. Los atacantes pueden crear un enlace malicioso que, una vez hecho clic, ejecutará JavaScript arbitrario en el contexto de la aplicación web Journyx. Journyx version 11.5.4 suffers from a cross site scripting vulnerability due to mishandling of the error_description during an active directory login flow. • https://korelogic.com/Resources/Advisories/KL-001-2024-009.txt • CWE-81: Improper Neutralization of Script in an Error Message Web Page •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6891 – Journyx Authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-6891
Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow. Los atacantes con un nombre de usuario y contraseña válidos pueden aprovechar una vulnerabilidad de inyección de código Python durante el flujo de inicio de sesión natural. • https://korelogic.com/Resources/Advisories/KL-001-2024-008.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6890 – Journyx Unauthenticated Password Reset Bruteforce
https://notcve.org/view.php?id=CVE-2024-6890
Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password. Los tokens de restablecimiento de contraseña se generan utilizando una fuente aleatoria insegura. Los atacantes que conocen el nombre de usuario del usuario de instalación de Journyx pueden forzar el restablecimiento de contraseña y cambiar la contraseña de administrador. Journyx version 11.5.4 suffers from an issue where password reset tokens are generated using an insecure source of randomness. • https://korelogic.com/Resources/Advisories/KL-001-2024-007.txt • CWE-321: Use of Hard-coded Cryptographic Key CWE-334: Small Space of Random Values CWE-799: Improper Control of Interaction Frequency •