Lucene search
JoomlaVULNRICHMENT:CVE-2024-21722HistoryFeb 20, 2024 - 4:22 p.m.
CVE-2024-21722 [20240201] - Core - Insufficient session expiration in MFA management views
2024-02-2016:22:50
CWE-613
Joomla
github.com
5
cve-2024-21722
core
mfa management
user sessions
modified mfa methods
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
The MFA management features did not properly terminate existing user sessions when a user’s MFA methods have been modified.
CNA Affected
[
{
"vendor": "Joomla! Project",
"product": "Joomla! CMS",
"versions": [
{
"status": "affected",
"version": "3.2.0-3.10.14"
},
{
"status": "affected",
"version": "4.0.0-4.4.2"
},
{
"status": "affected",
"version": "5.0.0-5.0.2"
}
],
"defaultStatus": "unaffected"
}
]Related
joomla
joomla
[20240201] - Core - Insufficient session expiration in MFA management views
2023-11-29 00:00:00
nvd
nvd
CVE-2024-21722
2024-02-29 01:44:03
openvas
openvas
Joomla! Session Expiration Vulnerability (20240201)
2024-02-23 00:00:00
cvelist
cvelist
cve
cve
CVE-2024-21722
2024-02-29 01:44:03
prion
prion
Information disclosure
2024-02-29 01:44:00
nessus
nessus
Joomla 1.5.x < 3.10.15 / 4.0.x < 4.4.3 / 5.0.x < 5.0.3 Multiple Vulnerabilities (5904-joomla-5-0-3-and-4-4-3-security-and-bug-fix-release)
2024-02-20 00:00:00
Joomla! 1.5.x < 4.4.3 Multiple Vulnerabilities
2024-02-21 00:00:00
Joomla! 5.x < 5.0.3 Multiple Vulnerabilities
2024-02-21 00:00:00
malwarebytes
malwarebytes
Joomla! patches XSS flaws that could lead to remote code execution
2024-02-23 16:11:33
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-21722