VYPR

Vendor CVEs

Jumpserver

All CVEs

26 total · sorted by risk
  • CVE-2024-29202Mar 29, 2024
    risk 0.06cvss epss 0.06

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with…

  • CVE-2024-29201Mar 29, 2024
    risk 0.05cvss epss 0.06

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root…

  • CVE-2023-42442Sep 15, 2023
    risk 0.04cvss epss 0.56

    JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud…

  • CVE-2024-24763Feb 20, 2024
    risk 0.02cvss epss 0.01

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site…

  • CVE-2026-31864Mar 13, 2026
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with…

  • CVE-2026-31798Mar 13, 2026
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept…

  • CVE-2025-58044Dec 1, 2025
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, The /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect…

  • CVE-2025-62795Oct 30, 2025
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the…

  • CVE-2025-62712Oct 30, 2025
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection…

  • CVE-2025-27095Mar 31, 2025
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an…

  • CVE-2024-40628Jul 18, 2024
    risk 0.00cvss epss 0.01

    JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary…

  • CVE-2024-40629Jul 18, 2024
    risk 0.00cvss epss 0.01

    JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write…

  • CVE-2024-29020Mar 29, 2024
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can…

  • CVE-2024-29024Mar 29, 2024
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, …

  • CVE-2023-48193Nov 28, 2023
    risk 0.00cvss epss 0.02

    Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users…

  • CVE-2023-46138Oct 30, 2023
    risk 0.00cvss epss 0.00

    JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently,…

  • CVE-2023-46123Oct 25, 2023
    risk 0.00cvss epss 0.01

    jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting…

  • CVE-2023-42818Sep 27, 2023
    risk 0.00cvss epss 0.01

    JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force…

  • CVE-2023-43651Sep 27, 2023
    risk 0.00cvss epss 0.02

    JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB…

  • CVE-2023-43650Sep 27, 2023
    risk 0.00cvss epss 0.01

    JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit…

  • CVE-2023-43652Sep 27, 2023
    risk 0.00cvss epss 0.01

    JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a password or the corresponding SSH private key. An SSH public key should be considered public knowledge…

  • CVE-2023-42819Sep 26, 2023
    risk 0.00cvss epss 0.02

    JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like…

  • CVE-2023-42820Sep 26, 2023
    risk 0.00cvss epss 0.05

    JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users…

  • CVE-2022-42225May 24, 2023
    risk 0.00cvss epss 0.01

    Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.

  • CVE-2023-28110Mar 16, 2023
    risk 0.00cvss epss 0.01

    Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can…

  • CVE-2021-3169Jul 23, 2021
    risk 0.00cvss epss 0.03

    An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.