Lucene search

AttackerKBAKB:4D73D1EB-AE94-4697-A673-32D1D66F26D5

HistorySep 27, 2023 - 12:00 a.m.

CVE-2023-42820

2023-09-2700:00:00

attackerkb.com

jumpserver

vulnerability

open source

bastion host

api

random number seed

password resets

mfa

local authentication

upgrade

cve-2023-42820

cn-kali-team

assessments

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

0.0005 Low

EPSS

Percentile

17.7%

JSON

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue.

Recent assessments:

cn-kali-team at October 12, 2023 8:23am UTC reported:

Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 5

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42820

github.com/C1ph3rX13/CVE-2023-42820

github.com/jumpserver/jumpserver/commit/42337f0d00b2a8d45ef063eb5b7deeef81597da5

github.com/jumpserver/jumpserver/security/advisories/GHSA-7prv-g565-82qp

github.com/Startr4ck/cve-2023-42820

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

0.0005 Low

EPSS

Percentile

17.7%

JSON

Related for AKB:4D73D1EB-AE94-4697-A673-32D1D66F26D5