Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2023-42442
Analyzed
More InfoOfficial Page
Source-security-advisories@github.com
View Known Exploited Vulnerability (KEV) details
Published At-15 Sep, 2023 | 21:15
Updated At-20 Sep, 2023 | 19:33

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Secondary3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CPE Matches
FIT2CLOUD Inc.
fit2cloud
>>jumpserver>>Versions from 3.0.0(inclusive) to 3.5.5(exclusive)
cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*
FIT2CLOUD Inc.
fit2cloud
>>jumpserver>>Versions from 3.6.0(inclusive) to 3.6.4(exclusive)
cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE-287Secondarysecurity-advisories@github.com
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-287
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/jumpserver/jumpserver/blob/v3.6.1/apps/terminal/api/session/session.py#L91security-advisories@github.com
Product
https://github.com/jumpserver/jumpserver/commit/0a58bba59cd275bab8e0ae58bf4b359fbc5eb74asecurity-advisories@github.com
Patch
https://github.com/jumpserver/jumpserver/security/advisories/GHSA-633x-3f4f-v9rwsecurity-advisories@github.com
Exploit
Vendor Advisory
Hyperlink: https://github.com/jumpserver/jumpserver/blob/v3.6.1/apps/terminal/api/session/session.py#L91
Source: security-advisories@github.com
Resource:
Product
Hyperlink: https://github.com/jumpserver/jumpserver/commit/0a58bba59cd275bab8e0ae58bf4b359fbc5eb74a
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/jumpserver/jumpserver/security/advisories/GHSA-633x-3f4f-v9rw
Source: security-advisories@github.com
Resource:
Exploit
Vendor Advisory
Change History
0Changes found
Details not found