9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.9%
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
blog.fit2cloud.com/?p=1764
mp.weixin.qq.com/s/5tgcaIrnDnGP-LvWPw9YCg
s.tencent.com/research/bsafe/1228.html