Vendor CVEs
Jumpserver
All CVEs
26 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29202 | 0.06 | — | 0.06 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with… | |||
| CVE-2024-29201 | 0.05 | — | 0.06 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root… | |||
| CVE-2023-42442 | 0.04 | — | 0.56 | Sep 15, 2023 | JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud… | |||
| CVE-2024-24763 | 0.02 | — | 0.01 | Feb 20, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site… | |||
| CVE-2026-31864 | 0.00 | — | 0.00 | Mar 13, 2026 | JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with… | |||
| CVE-2026-31798 | 0.00 | — | 0.00 | Mar 13, 2026 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept… | |||
| CVE-2025-58044 | 0.00 | — | 0.00 | Dec 1, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, The /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect… | |||
| CVE-2025-62795 | 0.00 | — | 0.00 | Oct 30, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the… | |||
| CVE-2025-62712 | 0.00 | — | 0.00 | Oct 30, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection… | |||
| CVE-2025-27095 | 0.00 | — | 0.00 | Mar 31, 2025 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an… | |||
| CVE-2024-40628 | 0.00 | — | 0.01 | Jul 18, 2024 | JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary… | |||
| CVE-2024-40629 | 0.00 | — | 0.01 | Jul 18, 2024 | JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write… | |||
| CVE-2024-29020 | 0.00 | — | 0.00 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can… | |||
| CVE-2024-29024 | 0.00 | — | 0.00 | Mar 29, 2024 | JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, … | |||
| CVE-2023-48193 | 0.00 | — | 0.02 | Nov 28, 2023 | Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users… | |||
| CVE-2023-46138 | 0.00 | — | 0.00 | Oct 30, 2023 | JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently,… | |||
| CVE-2023-46123 | 0.00 | — | 0.01 | Oct 25, 2023 | jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting… | |||
| CVE-2023-42818 | 0.00 | — | 0.01 | Sep 27, 2023 | JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force… | |||
| CVE-2023-43651 | 0.00 | — | 0.02 | Sep 27, 2023 | JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB… | |||
| CVE-2023-43650 | 0.00 | — | 0.01 | Sep 27, 2023 | JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit… | |||
| CVE-2023-43652 | 0.00 | — | 0.01 | Sep 27, 2023 | JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a password or the corresponding SSH private key. An SSH public key should be considered public knowledge… | |||
| CVE-2023-42819 | 0.00 | — | 0.02 | Sep 26, 2023 | JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like… | |||
| CVE-2023-42820 | 0.00 | — | 0.05 | Sep 26, 2023 | JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users… | |||
| CVE-2022-42225 | 0.00 | — | 0.01 | May 24, 2023 | Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission. | |||
| CVE-2023-28110 | 0.00 | — | 0.01 | Mar 16, 2023 | Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can… | |||
| CVE-2021-3169 | 0.00 | — | 0.03 | Jul 23, 2021 | An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets. |
- CVE-2024-29202Mar 29, 2024risk 0.06cvss —epss 0.06
JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with…
- CVE-2024-29201Mar 29, 2024risk 0.05cvss —epss 0.06
JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root…
- CVE-2023-42442Sep 15, 2023risk 0.04cvss —epss 0.56
JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud…
- CVE-2024-24763Feb 20, 2024risk 0.02cvss —epss 0.01
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site…
- CVE-2026-31864Mar 13, 2026risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with…
- CVE-2026-31798Mar 13, 2026risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept…
- CVE-2025-58044Dec 1, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, The /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect…
- CVE-2025-62795Oct 30, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the…
- CVE-2025-62712Oct 30, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection…
- CVE-2025-27095Mar 31, 2025risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an…
- CVE-2024-40628Jul 18, 2024risk 0.00cvss —epss 0.01
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary…
- CVE-2024-40629Jul 18, 2024risk 0.00cvss —epss 0.01
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write…
- CVE-2024-29020Mar 29, 2024risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can…
- CVE-2024-29024Mar 29, 2024risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, …
- CVE-2023-48193Nov 28, 2023risk 0.00cvss —epss 0.02
Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users…
- CVE-2023-46138Oct 30, 2023risk 0.00cvss —epss 0.00
JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently,…
- CVE-2023-46123Oct 25, 2023risk 0.00cvss —epss 0.01
jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting…
- CVE-2023-42818Sep 27, 2023risk 0.00cvss —epss 0.01
JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force…
- CVE-2023-43651Sep 27, 2023risk 0.00cvss —epss 0.02
JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB…
- CVE-2023-43650Sep 27, 2023risk 0.00cvss —epss 0.01
JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit…
- CVE-2023-43652Sep 27, 2023risk 0.00cvss —epss 0.01
JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a password or the corresponding SSH private key. An SSH public key should be considered public knowledge…
- CVE-2023-42819Sep 26, 2023risk 0.00cvss —epss 0.02
JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like…
- CVE-2023-42820Sep 26, 2023risk 0.00cvss —epss 0.05
JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users…
- CVE-2022-42225May 24, 2023risk 0.00cvss —epss 0.01
Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.
- CVE-2023-28110Mar 16, 2023risk 0.00cvss —epss 0.01
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can…
- CVE-2021-3169Jul 23, 2021risk 0.00cvss —epss 0.03
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.