JumpServer Unauthorized Access Vulnerability (CVE-2023-42442)

Sep 20, 2023 GMT+08:00

I. Overview

Recently, JumpServer has disclosed an unauthorized access vulnerability (CVE-2023-42442) in specific versions. Due to a defect in system permission configuration, an unauthenticated attacker can exploit this vulnerability to directly access files or sensitive information on the target server. The POC of this vulnerability has been disclosed and the risk is high.

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. If you are a JumpServer user, check your JumpServer version and implement timely security hardening.

References:

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-633x-3f4f-v9rw

https://nvd.nist.gov/vuln/detail/CVE-2023-42442

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Affected versions:

3.0.0 <= JumpServer <= 3.5.4

3.6.0 <= JumpServer <= 3.6.3

Secure versions:

JumpServer >= v3.5.5

JumpServer >= v3.6.4

IV. Vulnerability Handling

This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.

https://github.com/jumpserver/jumpserver/tags

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.