{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T08:16:27.713","vulnerabilities":[{"cve":{"id":"CVE-2023-42442","sourceIdentifier":"security-advisories@github.com","published":"2023-09-15T21:15:11.867","lastModified":"2024-11-21T08:22:32.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).\n"},{"lang":"es","value":"JumpServer es un host bastión de código abierto y un sistema profesional de auditoría de seguridad de operación y mantenimiento. A partir de la versión 3.0.0 y anteriores a las versiones 3.5.5 y 3.6.4, las repeticiones de sesiones se pueden descargar sin autenticación. Las repeticiones de sesiones almacenadas en S3, OSS u otro almacenamiento en la nube no se ven afectadas. El control de permisos de la API `/api/v1/terminal/sessions/` está broken y se puede acceder a él de forma anónima. Clases de permiso SessionViewSet establecidas en `[RBACPermission | IsSessionAssignee]`, la relación es o, por lo que se permitirá cualquier permiso coincidente. Las versiones 3.5.5 y 3.6.4 tienen una solución. Después de actualizar, visite la API `$HOST/api/v1/terminal/sessions/?limit=1`. El código de respuesta http esperado es 401 (\"not_authenticated\")."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.5.5","matchCriteriaId":"C7BB0ACD-6502-4F86-83CE-31210024EC75"},{"vulnerable":true,"criteria":"cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6.0","versionEndExcluding":"3.6.4","matchCriteriaId":"D2933823-4D5E-4335-BEF8-E3A3058F1C76"}]}]}],"references":[{"url":"https://github.com/jumpserver/jumpserver/blob/v3.6.1/apps/terminal/api/session/session.py#L91","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/jumpserver/jumpserver/commit/0a58bba59cd275bab8e0ae58bf4b359fbc5eb74a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/jumpserver/jumpserver/security/advisories/GHSA-633x-3f4f-v9rw","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/jumpserver/jumpserver/blob/v3.6.1/apps/terminal/api/session/session.py#L91","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/jumpserver/jumpserver/commit/0a58bba59cd275bab8e0ae58bf4b359fbc5eb74a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/jumpserver/jumpserver/security/advisories/GHSA-633x-3f4f-v9rw","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}}]}