Incorrect Access Control in PowerJob V4.3.1 Affects Remote Executions
CVE-2023-29924

9.8CRITICAL

Key Information:

Vendor: Powerjob
Status: Powerjob
Vendor: CVE Published:; 21 April 2023

What is CVE-2023-29924?

PowerJob V4.3.1 has a vulnerability relating to Incorrect Access Control, which could allow an attacker to execute arbitrary code remotely. This flaw exposes the system to potential compromises, enabling unauthorized users to manipulate its operations. Users of PowerJob should apply available patches and updates promptly to safeguard their systems against these risks.

References

https://github.com/PowerJob/PowerJob/issues/588

https://iotaa.cn/articles/62

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2023
Vulnerability Reserved
Apr 7, 2023

CVE-2023-29924 Data

JSON

Powerjob

What is CVE-2023-29924?

References

CVSS V3.1

Timeline