Lucene search
K

7 matches found

Circl
Circl
added 2024/08/08 2:11 a.m.4 views

CVE-2024-6890

creationtimestamp| type| source ---|---|--- 2024-08-08 02:11:00+00:00| seen| https://t.me/cvedetector/2735...

9.8CVSS8.1AI score0.00717EPSS
Exploits3References1
0day.today
0day.today
added 2024/08/08 12:0 a.m.199 views

Journyx 11.5.4 Unauthenticated Password Reset Bruteforce Vulnerability

Journyx version 11.5.4 suffers from an issue where password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password. Title: Journyx Unauthenticated...

8.8CVSS7.6AI score0.00717EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/08 12:0 a.m.353 views

Journyx 11.5.4 Unauthenticated Password Reset Bruteforce

KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce Title: Journyx Unauthenticated Password Reset Bruteforce Advisory ID: KL-001-2024-007 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-007.txt 1. Vulnerability Details Affected...

9.8CVSS7.1AI score0.00717EPSS
Exploits3
OSV
OSV
added 2024/08/07 11:15 p.m.6 views

CVE-2024-6890

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

8.8CVSS5.8AI score0.00717EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/08/07 11:9 p.m.24 views

CVE-2024-6890 Journyx Unauthenticated Password Reset Bruteforce

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

7.2AI score0.00717EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/08/07 11:9 p.m.26 views

CVE-2024-6890 Journyx Unauthenticated Password Reset Bruteforce

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

0.00717EPSS
Exploits3References1
KoreLogic Security
KoreLogic Security
added 2024/08/07 12:0 a.m.18 views

Journyx Unauthenticated Password Reset Bruteforce

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-321: Use of Hard-coded Cryptographic Key, CWE-334: Small Space of Random Values, CWE-799: Improper Control of Interaction Frequency CVE ID:...

9.8CVSS6.7AI score0.00717EPSS
Exploits3Affected Software1
Rows per page
Query Builder