Vulnerability Description
JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fit2Cloud | Jumpserver | < 3.5.6 |
Related Weaknesses (CWE)
References
- https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jvExploitVendor Advisory
- https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-int
- https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jvExploitVendor Advisory
FAQ
What is CVE-2023-42818?
CVE-2023-42818 is a vulnerability with a CVSS score of 5.4 (MEDIUM). JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could explo...
How severe is CVE-2023-42818?
CVE-2023-42818 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-42818?
Check the references section above for vendor advisories and patch information. Affected products include: Fit2Cloud Jumpserver.