CVE-2024-21722 — Vulnetix

CVE-2024-21722 PUBLISHED

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

EPSS 0.00% · 0.2th percentile

Risk Scores

EPSS Score

0.00%

0.2th percentile

Affected Products

Vendor	Product	Versions
Bitnami	joomla	3.2.0
Bitnami	joomla	3.2.0

Exploit Intelligence

CIRCL seen: CVE-2024-21722 (circl-sighting)
CIRCL seen: CVE-2024-21722 (circl-sighting)
https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html (circl)

Timeline

Feb 20, 2024 CVE Published
Feb 21, 2024 EPSS Score
Feb 22, 2024 PoC Published
Feb 29, 2024 PoC Published
Mar 19, 2024 EPSS Score
Apr 15, 2024 EPSS Score
May 11, 2024 EPSS Score
Jun 8, 2024 EPSS Score
Jul 5, 2024 EPSS Score
Aug 1, 2024 EPSS Score
Aug 28, 2024 EPSS Score
Sep 23, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›