CVE-2024-39211

MEDIUM

Kaiten 57.128.8 - User Account Enumeration via Login Response Discrepancy

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-39211. PoCs published by artemy-ccrsky.

AI-analyzed exploit summary The repository contains a functional bash script that exploits CVE-2024-39211, a user enumeration vulnerability in Kaiten workflow management system. The script brute-forces usernames via POST requests and extracts email addresses from responses containing 'user_email'.

Description

Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a user_email field only if the user account exists.

Exploits (1)

nomisec WORKING POC 7 stars

by artemy-ccrsky · poc

https://github.com/artemy-ccrsky/CVE-2024-39211

View Code ZIP pw:eip

The repository contains a functional bash script that exploits CVE-2024-39211, a user enumeration vulnerability in Kaiten workflow management system. The script brute-forces usernames via POST requests and extracts email addresses from responses containing 'user_email'.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Kaiten workflow management system

No auth needed

Prerequisites: Target Kaiten instance URL · Dictionary file of usernames

MITRE ATT&CK

T1589.001 - Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://github.com/artemy-ccrsky/CVE-2024-39211

Various Sources

https://github.com/artemy-ccrsky/CVE-2024-39211/blob/main/CVE-2024-39211.sh

View Writeup ZIP pw:eip

Various Sources

https://kaiten.ru

Scores

CVSS v3 5.3

EPSS 0.0115

EPSS Percentile 62.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-204

Status published

Published Jul 04, 2024

Tracked Since Feb 18, 2026