The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
References
Configurations
Configuration 1 (hide)
|
History
02 Jun 2025, 15:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html - Vendor Advisory | |
First Time |
Joomla joomla\!
Joomla |
|
CPE | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* |
21 Nov 2024, 08:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html - |
30 Oct 2024, 18:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
Summary |
|
29 Feb 2024, 01:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-29 01:44
Updated : 2025-06-02 15:28
NVD link : CVE-2024-21722
Mitre link : CVE-2024-21722
CVE.ORG link : CVE-2024-21722
JSON object : View
Products Affected
joomla
- joomla\!
CWE
CWE-613
Insufficient Session Expiration