Vulnerabilities > Fit2Cloud > Jumpserver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-18 | CVE-2024-40628 | Path Traversal vulnerability in Fit2Cloud Jumpserver JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. | 9.1 |
| 2024-07-18 | CVE-2024-40629 | Path Traversal vulnerability in Fit2Cloud Jumpserver JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. | 9.8 |
| 2023-11-28 | CVE-2023-48193 | Unspecified vulnerability in Fit2Cloud Jumpserver 3.8.0 Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. | 9.8 |
| 2023-10-31 | CVE-2023-46138 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. | 5.3 |
| 2023-10-25 | CVE-2023-46123 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. | 5.3 |
| 2023-09-27 | CVE-2023-42818 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 9.8 |
| 2023-09-27 | CVE-2023-43651 | Code Injection vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 9.9 |
| 2023-09-27 | CVE-2023-43650 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 7.4 |
| 2023-09-27 | CVE-2023-43652 | Missing Authorization vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 9.1 |
| 2023-09-27 | CVE-2023-42819 | Path Traversal vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 8.8 |