Jumpserver
CVE-2023-42820
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue.
AnalysisAI
JumpServer is an open source bastion host. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue. Affected products include: Fit2Cloud Jumpserver. Version information: version 2.28.19.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
More in Jumpserver
View allInsecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via by
JumpServer is an open source bastion host and an operation and maintenance security audit system. Rated critical severit
JumpServer is an open source bastion host and an operation and maintenance security audit system. Rated critical severit
JumpServer is an open source bastion host. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitabl
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref
JumpServer is an open source bastion host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitabl
JumpServer is an open source bastion host. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitabl
JumpServer is an open source bastion host. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, n
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and
JumpServer is an open source bastion host and an operation and maintenance security audit system. Rated medium severity
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand an
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today