CVE-2023-29924

9.8 CRITICAL

📋 TL;DR

PowerJob V4.3.1 has an incorrect access control vulnerability that allows attackers to bypass authentication and execute arbitrary code remotely. This affects all PowerJob deployments running the vulnerable version, potentially compromising the entire system.

💻 Affected Systems

Products:
  • PowerJob
Versions: V4.3.1 specifically (and potentially earlier versions with similar code)
Operating Systems: All platforms running PowerJob
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of PowerJob V4.3.1 are vulnerable. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover with attacker gaining full control over the PowerJob server, allowing installation of malware, data theft, and lateral movement to connected systems.

🟠 Likely Case

Remote code execution leading to service disruption, data exfiltration, and potential ransomware deployment.

🟢 If Mitigated

Limited impact if proper network segmentation and authentication controls prevent access to vulnerable endpoints.

🌐 Internet-Facing: HIGH - Directly exploitable over network without authentication.
🏢 Internal Only: HIGH - Even internal attackers or compromised systems can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit details are available in GitHub issues. The attack requires network access to the PowerJob instance but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V4.3.2 or later

Vendor Advisory: https://github.com/PowerJob/PowerJob/issues/588

Restart Required: Yes

Instructions:

1. Back up current configuration and data.
2. Download PowerJob V4.3.2 or later from the official repository.
3. Stop the PowerJob service.
4. Replace with the patched version.
5. Restart the PowerJob service.
6. Verify functionality.

🔧 Temporary Workarounds

Network Access Restriction

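Platform: linux

Restrict network access to the PowerJob instance using firewall rules. Both rules are appended with -A, so any earlier rule in the INPUT chain that already accepts traffic to the same port takes precedence over them.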

iptables -A INPUT -p tcp --dport [PowerJob_port] -s [trusted_ips] -j ACCEPT
iptables -A INPUT -p tcp --dport [PowerJob_port] -j DROP

Reverse Proxy with Authentication

Platform: all

Place PowerJob behind a reverse proxy with strong authentication

🧯 If You Can't Patch

  • Isolate PowerJob instance in separate network segment with strict firewall rules
  • Implement network-based intrusion detection to monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check PowerJob version. If version is exactly 4.3.1, system is vulnerable.

Check Version:

Check PowerJob web interface or application logs for version information

Verify Fix Applied:

Verify PowerJob version is 4.3.2 or later and test authentication requirements for all endpoints.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated access attempts to sensitive endpoints
  • Unusual process execution from PowerJob context
  • Authentication bypass logs

Network Indicators:

  • Unusual outbound connections from PowerJob server
  • Exploit pattern traffic to PowerJob endpoints

SIEM Query:

source="PowerJob" AND (event="authentication_failure" OR event="unauthorized_access")
