Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/25 8:21 p.m.13 views

CVE-2023-42818

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication...

9.8CVSS7.2AI score0.00582EPSS
Exploits1
Circl
Circl
added 2023/09/28 12:41 a.m.6 views

CVE-2023-42818

creationtimestamp| type| source ---|---|--- 2023-09-28 00:41:53+00:00| seen| https://t.me/cibsecurity/71156...

9.8CVSS8.9AI score0.00582EPSS
Exploits1References1
OSV
OSV
added 2023/09/27 8:28 p.m.39 views

CVE-2023-42818 SSH public key login without private key challenge if mfa is enabled in jumpserver

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication...

5.4CVSS9AI score0.00582EPSS
Exploits1References4
CVE
CVE
added 2023/09/27 8:28 p.m.75 views

CVE-2023-42818

JumpServer (Koko SSH server) is affected: when MFA is enabled and a public key is used, the SSH private key is not verified, enabling brute-force attempts with a disclosed key. Patched in JumpServer versions 3.6.5 and 3.5.6; upgrade is advised. Multiple connected sources corroborate the issue and...

9.8CVSS7.4AI score0.00582EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/09/27 8:28 p.m.33 views

CVE-2023-42818 SSH public key login without private key challenge if mfa is enabled in jumpserver

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication...

5.4CVSS9.7AI score0.00582EPSS
Exploits1References2
Rows per page
Query Builder