Vulnerabilities > Fit2Cloud

DATE CVE VULNERABILITY TITLE RISK
2023-06-27 CVE-2023-3423 Weak Password Requirements vulnerability in Fit2Cloud Cloudexplorer Lite
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0.
network
low complexity
fit2cloud CWE-521
8.8
2023-05-26 CVE-2023-32311 Missing Authorization vulnerability in Fit2Cloud Cloudexplorer
CloudExplorer Lite is an open source cloud management platform.
network
low complexity
fit2cloud CWE-862
4.3
2023-05-26 CVE-2023-32316 Missing Authorization vulnerability in Fit2Cloud Cloudexplorer
CloudExplorer Lite is an open source cloud management tool.
network
low complexity
fit2cloud CWE-862
4.3
2023-05-24 CVE-2022-42225 Cross-site Scripting vulnerability in Fit2Cloud Lina
Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.
network
low complexity
fit2cloud CWE-79
5.4
2023-05-23 CVE-2023-2845 Unspecified vulnerability in Fit2Cloud Cloudexplorer Lite
Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.
network
low complexity
fit2cloud
8.1
2023-05-23 CVE-2023-2844 Authorization Bypass Through User-Controlled Key vulnerability in Fit2Cloud Cloudexplorer Lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.
network
low complexity
fit2cloud CWE-639
4.9
2023-03-16 CVE-2023-28110 Command Injection vulnerability in Fit2Cloud Jumpserver and Koko
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service.
network
low complexity
fit2cloud CWE-77
critical
9.9
2023-01-14 CVE-2023-22478 Missing Authorization vulnerability in Fit2Cloud Kubepi
KubePi is a modern Kubernetes panel.
network
low complexity
fit2cloud CWE-862
7.5
2023-01-14 CVE-2023-22480 Incorrect Authorization vulnerability in Fit2Cloud Kubeoperator
KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters.
network
low complexity
fit2cloud CWE-863
critical
9.8
2023-01-10 CVE-2023-22479 Session Fixation vulnerability in Fit2Cloud Kubepi
KubePi is a modern Kubernetes panel.
network
low complexity
fit2cloud CWE-384
6.5