7 matches found
CVE-2024-40629
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629
creationtimestamp| type| source ---|---|--- 2024-07-18 20:08:23+00:00| seen| https://t.me/cvedetector/1166 2024-07-22 10:18:14+00:00| published-proof-of-concept| https://t.me/HackingInsights/6892 2024-08-01 17:20:44+00:00| seen| https://t.me/ViralCyber/4068 2024-08-04 18:47:46+00:00| seen|...
CVE-2024-40629
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629
CVE-2024-40629 affects JumpServer PAM. An attacker can misuse an Ansible playbook to write arbitrary files, triggering remote code execution in the Celery container. The Celery container runs as root and has database access, enabling access to secrets and the possibility to create an admin JumpSe...
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...