CVE-2023-46123

jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting this vulnerability, attackers can effectively make unlimited password attempts by altering their apparent IP address for each request. This vulnerability has been patched in version 3.8.0.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0	Release Notes
https://github.com/jumpserver/jumpserver/security/advisories/GHSA-hvw4-766m-p89f	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*

History

01 Nov 2023, 16:40

Type	Values Removed	Values Added
CPE		cpe:2.3:a:fit2cloud:jumpserver::::::::
First Time		Fit2cloud jumpserver Fit2cloud
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
CWE		CWE-307
References	~~(MISC) https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0 -~~	(MISC) https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0 - Release Notes
References	~~(MISC) https://github.com/jumpserver/jumpserver/security/advisories/GHSA-hvw4-766m-p89f -~~	(MISC) https://github.com/jumpserver/jumpserver/security/advisories/GHSA-hvw4-766m-p89f - Exploit, Vendor Advisory

25 Oct 2023, 18:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-25 18:17

Updated : 2023-12-10 15:14

NVD link : CVE-2023-46123

Mitre link : CVE-2023-46123

CVE.ORG link : CVE-2023-46123

JSON object : View

Products Affected

fit2cloud

jumpserver

CWE

CWE-307

Improper Restriction of Excessive Authentication Attempts

{"id": "CVE-2023-46123", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2023-10-25T18:17:36.330", "references": [{"url": "https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-hvw4-766m-p89f", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-307"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting this vulnerability, attackers can effectively make unlimited password attempts by altering their apparent IP address for each request. This vulnerability has been patched in version 3.8.0.\n\n"}, {"lang": "es", "value": "jumpserver es una m\u00e1quina basti\u00f3n de c\u00f3digo abierto, un sistema profesional de auditor\u00eda de seguridad de operaci\u00f3n y mantenimiento que cumple con las especificaciones 4A. Una falla en la API principal permite a los atacantes eludir las protecciones de fuerza bruta de las contrase\u00f1as falsificando direcciones IP arbitrarias. Al explotar esta vulnerabilidad, los atacantes pueden realizar intentos ilimitados de contrase\u00f1a alterando su direcci\u00f3n IP aparente para cada solicitud. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 3.8.0."}], "lastModified": "2023-11-01T16:40:03.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2334238D-3986-4AB5-BA6B-89EC14810634", "versionEndExcluding": "3.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}