11 matches found
CVE-2024-40628
CVE-2024-40628—JumpServer arbitrary file read: The vulnerability arises from exploiting an ansible playbook to read files inside the celery container, which runs as root and has database access. This can lead to sensitive data disclosure, theft of host secrets, creation of admin JumpServer accou...
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
CVE-2024-40629
CVE-2024-40629 affects JumpServer PAM. An attacker can misuse an Ansible playbook to write arbitrary files, triggering remote code execution in the Celery container. The Celery container runs as root and has database access, enabling access to secrets and the possibility to create an admin JumpSe...
remoteapp.mashreq.com Cross Site Scripting vulnerability OBB-3481014
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
October 26, 2021—KB5006745 (OS Build 20348.320) Preview
October 26, 2021—KB5006745 (OS Build 20348.320) Preview. Improvements and fixes: This non-security update includes quality improvements. Key changes include: Addresses a regression that might cause stop error 0x38 on some machine configurations that use non-ASCII text in the registry. Addresses an...
Printing preferences window appears behind a RemoteApp window in Windows 7 or Windows Server 2008 R2
Printing preferences window appears behind a RemoteApp window in Windows 7 or Windows Server 2008 R2. This article describes a problem that occurs when you select a printing preferences option in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. An update and a hotfix are available to...
Error 0x800401f0 when you update RemoteApp and Desktop Connections feeds in Windows 7 or Windows Server 2008 R2
Error 0x800401f0 when you update RemoteApp and Desktop Connections feeds in Windows 7 or Windows Server 2008 R2. Symptoms: Consider the following scenario: You have update 2857650 installed on a computer that is running Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. You subscribe to a...
September 28, 2017—KB4038801 (OS Build 14393.1737)
September 28, 2017—KB4038801 (OS Build 14393.1737). Improvements and fixes: This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Updated the BitLocker.psm1 PowerShell script to not log passwords when logging is enabled...
Microsoft Bounty Programs Expansion - Bounty for Defense, Authentication Bonus, and RemoteApp
I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD...
MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape
This module abuses a process creation policy in Internet Explorer's sandbox; specifically, Microsoft's RemoteApp and Desktop Connections runtime proxy, TSWbPrxy.exe. This vulnerability allows the attacker to escape the Protected Mode and execute code with Medium Integrity. At the moment, this...