Description

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.

INFO

Published Date :

2024-08-07T23:22:08.667Z

Last Modified :

2024-08-08T13:14:39.692Z

Source :

KoreLogic
AFFECTED PRODUCTS

The following products are affected by CVE-2024-6893 vulnerability.

Vendors Products
Journyx
  • Journyx
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-6893.

URL Resource
http://seclists.org/fulldisclosure/2024/Aug/8 cve-icon cve-icon
https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact