1. Home
  2. CVE Database
  3. CVE-2023-42442
HIGH · 8.2

CVE-2023-42442

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can downl...

Vulnerability Description

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
HIGH

Affected Products

VendorProductVersions
Fit2CloudJumpserver>= 3.0.0, < 3.5.5

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2023-42442?

CVE-2023-42442 is a vulnerability with a CVSS score of 8.2 (HIGH). JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can downl...

How severe is CVE-2023-42442?

CVE-2023-42442 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-42442?

Check the references section above for vendor advisories and patch information. Affected products include: Fit2Cloud Jumpserver.