JumpServer 安全漏洞

JumpServer is an open source bastion machine from China's Hangzhou Feizhiyun Information Technology Co. A security vulnerability exists in JumpServer versions prior to v3.10.6. The vulnerability stems from the fact that an authenticated user can upload malicious files via job IDs, compromising th...

CVE-2023-46326

ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. This leads to privilege escalation...

ZStack Security Vulnerabilities

ZStack is an open source IaaS Infrastructure as a Service software designed to automate data centers and manage compute, storage, and network resources through APIs. A security vulnerability exists in ZStack Cloud 3.10.38 and earlier versions that stems from allowing unauthenticated API access to...

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...