CVE-2023-42818 — Vulnetix

CVE-2023-42818 PUBLISHED CVSS 5.4 MEDIUM

Reported by GitHub_M · Published September 27, 2023

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.

Risk Scores

CVSS 3.1

5.4

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected Products

Vendor	Product	Versions
jumpserver	jumpserver	>= 3.6.0, < 3.6.5, < 3.5.6
jumpserver	jumpserver	3.6.0, 0
jumpserver	jumpserver	>= 3.6.0, < 3.6.5, < 3.5.6

Exploit Intelligence

Timeline

Sep 27, 2023 CVE Published
Sep 28, 2023 EPSS Score
Oct 30, 2023 EPSS Score
Dec 1, 2023 EPSS Score
Jan 2, 2024 EPSS Score
Feb 3, 2024 EPSS Score
Mar 5, 2024 EPSS Score
Apr 6, 2024 EPSS Score
May 8, 2024 EPSS Score
Jun 9, 2024 EPSS Score
Jul 11, 2024 EPSS Score
Aug 12, 2024 EPSS Score

References

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv x_refsource_CONFIRM
https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-1-2 x_refsource_MISC

Open in Interactive Console →