CVE-2023-46123

jumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting this vulnerability, attackers can effectively make unlimited password attempts by altering their apparent IP address for each request. This vulnerability has been patched in version 3.8.0.

jumpserver es una máquina bastión de código abierto, un sistema profesional de auditoría de seguridad de operación y mantenimiento que cumple con las especificaciones 4A. Una falla en la API principal permite a los atacantes eludir las protecciones de fuerza bruta de las contraseñas falsificando direcciones IP arbitrarias. Al explotar esta vulnerabilidad, los atacantes pueden realizar intentos ilimitados de contraseña alterando su dirección IP aparente para cada solicitud. Esta vulnerabilidad ha sido parcheada en la versión 3.8.0.

*Credits: N/A

CVSS Scores

NISTv3.1 5.3

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

Poc

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-16 CVE Reserved
2023-10-25 CVE Published
2023-11-02 EPSS Updated
2024-09-10 CVE Updated
2024-09-10 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-307: Improper Restriction of Excessive Authentication Attempts

CAPEC

References (2)

URL	Tag	Source
https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0	Release Notes

URL	Date	SRC
https://github.com/jumpserver/jumpserver/security/advisories/GHSA-hvw4-766m-p89f	2024-09-10

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Fit2cloud Search vendor "Fit2cloud"		Jumpserver Search vendor "Fit2cloud" for product "Jumpserver"				< 3.8.0 Search vendor "Fit2cloud" for product "Jumpserver" and version " < 3.8.0"		-		Affected