Lucene search
6 matches found

NVD
added 2024/03/29 3:15 p.m., 10 views

CVE-2024-29202

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and...

CVSS 9.9, AI score 9.5, EPSS 0.79984
Exploits: 1, References: 2

NVD
added 2024/03/29 3:15 p.m., 13 views

CVE-2024-29201

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has databas...

CVSS 9.9, AI score 9.6, EPSS 0.66493
Exploits: 1, References: 2

Vulnrichment
added 2024/03/29 2:57 p.m., 19 views

CVE-2024-29202 JumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and...

CVSS 9.9, AI score 9.5, EPSS 0.79984
Exploits: 1, References: 2

CVE
added 2024/03/29 2:57 p.m., 85 views

CVE-2024-29202

CVE-2024-29202 concerns JumpServer, an open source bastion host. Multiple connected sources confirm a Jinja2 template injection in JumpServer’s Ansible component that allows arbitrary code execution inside the Celery container. The Celery container reportedly runs with root privileges and has acc...

CVSS 9.9, AI score 9.5, EPSS 0.79984
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2024/03/29 2:57 p.m., 20 views

CVE-2024-29201 JumpServer's insecure Ansible playbook validation leads to RCE in Celery

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has databas...

CVSS 9.9, AI score 9.7, EPSS 0.66493
Exploits: 1, References: 2

Vulnrichment
added 2024/03/29 2:57 p.m., 20 views

CVE-2024-29201 JumpServer's insecure Ansible playbook validation leads to RCE in Celery

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has databas...

CVSS 9.9, AI score 7.5, EPSS 0.66493
Exploits: 1, References: 2