Vulnerabilities > Jumpserver

DATE CVE VULNERABILITY TITLE RISK
2021-07-23 CVE-2021-3169 Injection vulnerability in Jumpserver
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
network
low complexity
jumpserver CWE-74
critical
9.8