Vulnerabilities > Fit2Cloud > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-10 CVE-2023-39966 Missing Authorization vulnerability in Fit2Cloud 1Panel 1.4.3
1Panel is an open source Linux server operation and maintenance management panel.
network
low complexity
fit2cloud CWE-862
critical
 9.8
9.8
2023-08-04 CVE-2023-38692 OS Command Injection vulnerability in Fit2Cloud Cloudexplorer Lite
CloudExplorer Lite is an open source, lightweight cloud management platform.
network
low complexity
fit2cloud CWE-78
critical
 9.8
9.8
2023-06-27 CVE-2023-34240 Weak Password Requirements vulnerability in Fit2Cloud Cloudexplorer Lite
Cloudexplorer-lite is an open source cloud software stack.
network
low complexity
fit2cloud CWE-521
critical
 9.8
9.8
2023-03-16 CVE-2023-28110 Command Injection vulnerability in Fit2Cloud Jumpserver and Koko
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service.
network
low complexity
fit2cloud CWE-77
critical
 9.9
9.9
2023-01-14 CVE-2023-22480 Incorrect Authorization vulnerability in Fit2Cloud Kubeoperator
KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters.
network
low complexity
fit2cloud CWE-863
critical
 9.8
9.8
2023-01-04 CVE-2023-22463 Use of Hard-coded Credentials vulnerability in Fit2Cloud Kubepi
KubePi is a k8s panel.
network
low complexity
fit2cloud CWE-798
critical
 9.8
9.8