Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fit2cloud jumpserver 3.8.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48193
Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote malicious user to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized us...
Fit2cloud Jumpserver 3.8.0
5.3
CVSSv3
CVE-2023-46138
JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently, the...
Fit2cloud Jumpserver
5.3
CVSSv3
CVE-2023-46123
jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows malicious users to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploit...
Fit2cloud Jumpserver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started