
CVE-2023-42442

Published: 15/09/2023 Updated: 20/09/2023
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can be downloaded without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The API `/api/v1/terminal/sessions/` has broken permission control and can be accessed anonymously: the SessionViewSet permission classes are set to `[RBACPermission | IsSessionAssignee]`, and because the relation is OR, a request is allowed as soon as either permission matches. Versions 3.5.5 and 3.6.4 contain a fix. After upgrading, visit the API `$HOST/api/v1/terminal/sessions/?limit=1`; the expected HTTP response code is 401 (`not_authenticated`).
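The OR composition described above, as an added example that is neither JumpServer's nor Django REST Framework's code: a minimal model of DRF-style composable permissions showing how `RBACPermission | IsSessionAssignee` admits an anonymous listing request, and how requiring authentication before the OR restores the expected 401. The class bodies, the `audit` role and the `Request` stand-in are assumptions.

```python
from typing import Optional

class Request:
    """Constructed stand-in for an HTTP request; user=None means anonymous."""
    def __init__(self, user: Optional[str], roles=()):
        self.user, self.roles = user, frozenset(roles)

class Permission:
    """Base class modelling DRF-style composable permission objects (assumed)."""
    def has_permission(self, request) -> bool:
        raise NotImplementedError

    def __or__(self, other):   # either side may grant access
        return Combined(self, other, any)

    def __and__(self, other):  # both sides must grant access
        return Combined(self, other, all)

class Combined(Permission):
    def __init__(self, a, b, rule):
        self.a, self.b, self.rule = a, b, rule

    def has_permission(self, r):
        return self.rule([self.a.has_permission(r), self.b.has_permission(r)])

class IsAuthenticated(Permission):
    def has_permission(self, r):
        return r.user is not None

class RBACPermission(Permission):
    """Assumed: grants only an authenticated user holding the 'audit' role."""
    def has_permission(self, r):
        return r.user is not None and "audit" in r.roles

class IsSessionAssignee(Permission):
    """Assumed: the view-level check passes and defers to a per-object
    check, so on its own it lets the list endpoint through for anyone."""
    def has_permission(self, r):
        return True

VULNERABLE = RBACPermission() | IsSessionAssignee()               # advisory's OR
FIXED = IsAuthenticated() & (RBACPermission() | IsSessionAssignee())  # auth first

def list_sessions(perm: Permission, request: Request) -> int:
    """HTTP status the sessions list view would answer under `perm`."""
    if perm.has_permission(request):
        return 200
    return 401 if request.user is None else 403
```

The post-upgrade check in the advisory corresponds to `list_sessions(FIXED, Request(None))` returning 401 instead of 200.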

Vulnerable Product

fit2cloud jumpserver

Vendor Advisories

Check Point Reference: CPAI-2023-1430 Date Published: 7 Jan 2024 Severity: Medium ...

Github Repositories

A Burp Suite plugin for automating authorization-bypass testing

Solemn statement: the techniques, ideas and tools covered in this article are provided only for security-oriented learning and exchange; no one may use them for illegal purposes or for profit, otherwise they bear the consequences themselves. Introduction. Authors: p0desta, Y0!0, 0cat. Team: 0x727; further tools will be open-sourced over the coming period at github.com/0x727. Positioning: in offense/defense exercises and penetration testing, it can more

JumpServer bastion host unauthorized-access combined exploitation, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021

blackjump 中文 | English. Disclaimer: this tool is intended only for legally authorized enterprise security-building activities. When using it for testing, you must ensure that the activity complies with local laws and regulations and that sufficient authorization has been obtained. Do not use it against unauthorized targets. If you engage in any illegal conduct while using this tool, you bear the consequences yourself, and we will not bear any

CVE-2023-42442

CVE-2023-42442: JumpServer session recording arbitrary download vulnerability. Vulnerability description: CVE-2023-42442 is a combined vulnerability made up of two bugs in JumpServer: unauthorized API access that leaks session information, and a directory permission bypass that lets recording files be downloaded. USAGE (Python version): python CVE-2023-42442.py -h

Red-team write-up of the post-exploitation process for the JumpServer unauthorized access vulnerability (CVE-2023-42442). Usage: go run CVE-2023-42442.go --url 192.168.123.120. See the WeChat official account article for details: mp.weixin.qq.com/s/NCSnTsOMxslmf5S6d9896A