Lucene search
KoreLogicVULNRICHMENT:CVE-2024-6891HistoryAug 07, 2024 - 11:13 p.m.
CVE-2024-6891 Journyx Authenticated Remote Code Execution
2024-08-0723:13:56
CWE-94
CWE-95
KoreLogic
github.com
3
journyx
remote code execution
python code injection
natural login flow
cve-2024-6891
authenticated
AI Score
7.6
Confidence
Low
EPSS
0.001
Percentile
18.9%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.
CNA Affected
[
{
"vendor": "Journyx",
"product": "Journyx (jtime)",
"versions": [
{
"status": "affected",
"version": "11.5.4"
}
],
"platforms": [
"Linux"
],
"defaultStatus": "unaffected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:*:*:*"
],
"vendor": "journyx",
"product": "journyx",
"versions": [
{
"status": "affected",
"version": "11.5.4"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-6891
2024-08-08 00:15:40
cve
cve
CVE-2024-6891
2024-08-08 00:15:40
cvelist
cvelist
CVE-2024-6891 Journyx Authenticated Remote Code Execution
2024-08-07 23:13:56
packetstorm
packetstorm
Journyx 11.5.4 Authenticated Remote Code Execution
2024-08-08 00:00:00
korelogic
korelogic
Journyx Authenticated Remote Code Execution
2024-08-07 00:00:00
zdt
zdt
Journyx 11.5.4 Authenticated Remote Code Execution Vulnerability
2024-08-08 00:00:00
AI Score
7.6
Confidence
Low
EPSS
0.001
Percentile
18.9%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-6891