Vulnerabilities > Jamf > Jamf > 10.6.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-25 CVE-2023-31224 Improper Authentication vulnerability in Jamf
There is broken access control during authentication in Jamf Pro Server before 10.46.1.
network
low complexity
jamf CWE-287
critical
 9.8
9.8
2021-12-01 CVE-2021-40809 Server-Side Request Forgery (SSRF) vulnerability in Jamf
An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921.
network
low complexity
jamf CWE-918
6.5
6.5
2021-11-12 CVE-2021-39303 Server-Side Request Forgery (SSRF) vulnerability in Jamf
The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352.
network
low complexity
jamf CWE-918
7.5
7.5
2021-07-12 CVE-2021-35037 Open Redirect vulnerability in Jamf
Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises.
network
jamf CWE-601
5.8
5.8
2021-04-02 CVE-2021-30125 Cross-site Scripting vulnerability in Jamf
Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376.
network
jamf CWE-79
4.3
4.3
2020-01-08 CVE-2019-17076 Deserialization of Untrusted Data vulnerability in Jamf
An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1.
network
low complexity
jamf CWE-502
7.5
7.5