Jumpserver
by Jumpserver
Source repositories
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29202 | 0.06 | — | 0.06 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with… | |||
| CVE-2024-29201 | 0.05 | — | 0.06 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root… | |||
| CVE-2023-42442 | 0.04 | — | 0.56 | Sep 15, 2023 | JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud… | |||
| CVE-2024-24763 | 0.02 | — | 0.01 | Feb 20, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site… | |||
| CVE-2026-31864 | 0.00 | — | 0.00 | Mar 13, 2026 | JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with… | |||
| CVE-2026-31798 | 0.00 | — | 0.00 | Mar 13, 2026 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept… | |||
| CVE-2025-58044 | 0.00 | — | 0.00 | Dec 1, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, The /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect… | |||
| CVE-2025-62795 | 0.00 | — | 0.00 | Oct 30, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the… | |||
| CVE-2025-62712 | 0.00 | — | 0.00 | Oct 30, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection… | |||
| CVE-2025-27095 | 0.00 | — | 0.00 | Mar 31, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an… | |||
| CVE-2024-40628 | 0.00 | — | 0.01 | Jul 18, 2024 | JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary… | |||
| CVE-2024-40629 | 0.00 | — | 0.01 | Jul 18, 2024 | JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write… | |||
| CVE-2024-29020 | 0.00 | — | 0.00 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can… | |||
| CVE-2024-29024 | 0.00 | — | 0.00 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, … | |||
| CVE-2023-48193 | 0.00 | — | 0.02 | Nov 28, 2023 | Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users… | |||
| CVE-2023-46138 | 0.00 | — | 0.00 | Oct 30, 2023 | JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently,… | |||
| CVE-2023-46123 | 0.00 | — | 0.01 | Oct 25, 2023 | jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting… | |||
| CVE-2023-42818 | 0.00 | — | 0.01 | Sep 27, 2023 | JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force… | |||
| CVE-2023-43651 | 0.00 | — | 0.02 | Sep 27, 2023 | JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB… | |||
| CVE-2023-43650 | 0.00 | — | 0.01 | Sep 27, 2023 | JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit… |
- CVE-2024-29202Mar 29, 2024risk 0.06cvss —epss 0.06
JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with…
- CVE-2024-29201Mar 29, 2024risk 0.05cvss —epss 0.06
JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root…
- CVE-2023-42442Sep 15, 2023risk 0.04cvss —epss 0.56
JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud…
- CVE-2024-24763Feb 20, 2024risk 0.02cvss —epss 0.01
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site…
- CVE-2026-31864Mar 13, 2026risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with…
- CVE-2026-31798Mar 13, 2026risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept…
- CVE-2025-58044Dec 1, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, The /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect…
- CVE-2025-62795Oct 30, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the…
- CVE-2025-62712Oct 30, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection…
- CVE-2025-27095Mar 31, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an…
- CVE-2024-40628Jul 18, 2024risk 0.00cvss —epss 0.01
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary…
- CVE-2024-40629Jul 18, 2024risk 0.00cvss —epss 0.01
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write…
- CVE-2024-29020Mar 29, 2024risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can…
- CVE-2024-29024Mar 29, 2024risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, …
- CVE-2023-48193Nov 28, 2023risk 0.00cvss —epss 0.02
Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users…
- CVE-2023-46138Oct 30, 2023risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently,…
- CVE-2023-46123Oct 25, 2023risk 0.00cvss —epss 0.01
jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting…
- CVE-2023-42818Sep 27, 2023risk 0.00cvss —epss 0.01
JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force…
- CVE-2023-43651Sep 27, 2023risk 0.00cvss —epss 0.02
JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB…
- CVE-2023-43650Sep 27, 2023risk 0.00cvss —epss 0.01
JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit…
Page 1 of 2