Vulnerabilities > Fit2Cloud > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-43652 Unspecified vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host.
network
low complexity
fit2cloud
critical
 9.1
9.1
2023-09-14 CVE-2023-42405 SQL Injection vulnerability in Fit2Cloud Rackshift 1.7.1
SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary code via the `sort` parameter to taskService.list(), bareMetalService.list(), and switchService.list().
network
low complexity
fit2cloud CWE-89
critical
 9.8
9.8
2023-08-10 CVE-2023-39966 Unspecified vulnerability in Fit2Cloud 1Panel 1.4.3
1Panel is an open source Linux server operation and maintenance management panel.
network
low complexity
fit2cloud
critical
 9.8
9.8
2023-08-04 CVE-2023-38692 Unspecified vulnerability in Fit2Cloud Cloudexplorer Lite
CloudExplorer Lite is an open source, lightweight cloud management platform.
network
low complexity
fit2cloud
critical
 9.8
9.8
2023-06-27 CVE-2023-34240 Unspecified vulnerability in Fit2Cloud Cloudexplorer Lite
Cloudexplorer-lite is an open source cloud software stack.
network
low complexity
fit2cloud
critical
 9.8
9.8
2023-03-16 CVE-2023-28110 Unspecified vulnerability in Fit2Cloud Jumpserver and Koko
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service.
network
low complexity
fit2cloud
critical
 9.9
9.9
2023-01-14 CVE-2023-22480 Incorrect Authorization vulnerability in Fit2Cloud Kubeoperator
KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters.
network
low complexity
fit2cloud CWE-863
critical
 9.8
9.8
2023-01-04 CVE-2023-22463 Unspecified vulnerability in Fit2Cloud Kubepi
KubePi is a k8s panel.
network
low complexity
fit2cloud
critical
 9.8
9.8