Skip to main content

Jamf

5 CVEs product

Monthly

CVE-2023-31224 CRITICAL Act Now

There is broken access control during authentication in Jamf Pro Server before 10.46.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jamf
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2021-40809 HIGH POC This Week

An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Jamf
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-39303 CRITICAL POC Act Now

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Jamf
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-35037 MEDIUM This Month

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Jamf
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-30125 MEDIUM This Month

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jamf
NVD
CVSS 3.1
6.1
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is broken access control during authentication in Jamf Pro Server before 10.46.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jamf
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Jamf
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Jamf
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Jamf
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jamf
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy