VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fit2Cloud
>
Jumpserver
> 2.28.10
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-31
CVE-2023-46138
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications.
network
low complexity
fit2cloud
CWE-640
5.3
5.3
2023-10-25
CVE-2023-46123
Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver
jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications.
network
low complexity
fit2cloud
CWE-307
5.3
5.3
2023-09-27
CVE-2023-42818
Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
low complexity
fit2cloud
CWE-307
critical
9.8
9.8
2023-09-27
CVE-2023-43651
Code Injection vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
low complexity
fit2cloud
CWE-94
critical
9.9
9.9
2023-09-27
CVE-2023-43650
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
high complexity
fit2cloud
CWE-640
7.4
7.4
2023-09-27
CVE-2023-43652
Missing Authorization vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
low complexity
fit2cloud
CWE-862
critical
9.1
9.1
2023-09-27
CVE-2023-42820
Unspecified vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
low complexity
fit2cloud
8.2
8.2