CVE-2024-6893 - Vulnerability Details - OpenCVE

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.92036.

Key SSVC decision points have not yet been added.

Vendors	Products
Journyx	Journyx

Configuration 1 [-]

cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:linux:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Aug/8
https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt

History

Thu, 08 Aug 2024 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Journyx Journyx journyx
CPEs		cpe:2.3:a:journyx:journyx:11.5.4:::::linux::
Vendors & Products		Journyx Journyx journyx

Thu, 08 Aug 2024 15:00:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Thu, 08 Aug 2024 14:30:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2024/Aug/8

Wed, 07 Aug 2024 23:30:00 +0000

Type	Values Removed	Values Added
Description		The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.
Title		Journyx Unauthenticated XML External Entities Injection
Weaknesses		CWE-611
References		https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt

MITRE

Status: PUBLISHED

Assigner: KoreLogic

Published: 2024-08-07T23:22:08.667Z

Updated: 2024-08-08T13:14:39.692Z

Reserved: 2024-07-18T19:25:52.422Z

Link: CVE-2024-6893

Vulnrichment

Updated: 2024-08-08T01:29:17.480Z

NVD

Status : Modified

Published: 2024-08-08T00:15:40.793

Modified: 2024-11-21T09:50:29.000

Link: CVE-2024-6893

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6893", "assignerOrgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "state": "PUBLISHED", "assignerShortName": "KoreLogic", "dateReserved": "2024-07-18T19:25:52.422Z", "datePublished": "2024-08-07T23:22:08.667Z", "dateUpdated": "2024-08-08T13:14:39.692Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "Journyx (jtime)", "vendor": "Journyx", "versions": [{"status": "affected", "version": "11.5.4"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jaggar Henry of KoreLogic, Inc."}], "datePublic": "2024-08-07T23:20:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<pre>The \"soap_cgi.pyc\" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.</pre><br>"}], "value": "The \"soap_cgi.pyc\" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "shortName": "KoreLogic", "dateUpdated": "2024-08-07T23:22:08.667Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Journyx Unauthenticated XML External Entities Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Aug/8"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:29:17.480Z"}}, {"affected": [{"vendor": "journyx", "product": "journyx", "cpes": ["cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "11.5.4", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-08T13:07:04.749717Z", "id": "CVE-2024-6893", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T13:14:39.692Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6893", "assignerOrgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "state": "PUBLISHED", "assignerShortName": "KoreLogic", "dateReserved": "2024-07-18T19:25:52.422Z", "datePublished": "2024-08-07T23:22:08.667Z", "dateUpdated": "2024-08-08T13:14:39.692Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "Journyx (jtime)", "vendor": "Journyx", "versions": [{"status": "affected", "version": "11.5.4"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jaggar Henry of KoreLogic, Inc."}], "datePublic": "2024-08-07T23:20:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<pre>The \"soap_cgi.pyc\" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.</pre><br>"}], "value": "The \"soap_cgi.pyc\" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "shortName": "KoreLogic", "dateUpdated": "2024-08-07T23:22:08.667Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Journyx Unauthenticated XML External Entities Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Aug/8"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:29:17.480Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-6893", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-08T13:07:04.749717Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:*:*:*"], "vendor": "journyx", "product": "journyx", "versions": [{"status": "affected", "version": "11.5.4"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T13:14:32.361Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:linux:*:*", "matchCriteriaId": "16D9FF52-C135-4C0E-B182-65D575879BEA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The \"soap_cgi.pyc\" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources."}, {"lang": "es", "value": "El controlador API \"soap_cgi.pyc\" permite que el cuerpo XML de las solicitudes SOAP contenga referencias a entidades externas. Esto permite que un atacante no autenticado lea archivos locales, falsifique solicitudes del lado del servidor y abrume los recursos del servidor web."}], "id": "CVE-2024-6893", "lastModified": "2024-11-21T09:50:29.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-08T00:15:40.793", "references": [{"source": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "tags": ["Exploit", "Third Party Advisory"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Aug/8"}], "sourceIdentifier": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}]}