What is CVE-2023-42818?

CVE-2023-42818 is a vulnerability in JumpServer, an open source bastion host, that allows an attacker to perform brute-force authentication when users enable MFA and use a public key for authentication.

How severe is CVE-2023-42818?

CVE-2023-42818 has a severity rating of 9.8 (critical).

Which software versions are affected by CVE-2023-42818?

CVE-2023-42818 affects Fit2cloud Jumpserver versions up to and including 3.6.5 (inclusive).

Where can I find more information about CVE-2023-42818?

You can find more information about CVE-2023-42818 at https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv.

Vulnerability/
CVE-2023-42818

critical

9.8

CWE

307 287

27/9/2023

23/9/2024

CVE-2023-42818: SSH public key login without private key challenge if mfa is enabled in jumpserver

Q: How can an attacker exploit CVE-2023-42818?

An attacker can exploit CVE-2023-42818 by utilizing a disclosed public key to attempt brute-force authentication against the Koko SSH server.

First published: Wed Sep 27 2023(Updated: )

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.

Credit: security-advisories@github.com security-advisories@github.com

Affected Software	Affected Version	How to fix
Fit2cloud Jumpserver	<3.5.6
Fit2cloud Jumpserver	>=3.6.0<3.6.5

Never miss a vulnerability like this again

Reference Links

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv

Frequently Asked Questions

What is CVE-2023-42818?
CVE-2023-42818 is a vulnerability in JumpServer, an open source bastion host, that allows an attacker to perform brute-force authentication when users enable MFA and use a public key for authentication.
How severe is CVE-2023-42818?
CVE-2023-42818 has a severity rating of 9.8 (critical).
Which software versions are affected by CVE-2023-42818?
CVE-2023-42818 affects Fit2cloud Jumpserver versions up to and including 3.6.5 (inclusive).
How can an attacker exploit CVE-2023-42818?
An attacker can exploit CVE-2023-42818 by utilizing a disclosed public key to attempt brute-force authentication against the Koko SSH server.
Where can I find more information about CVE-2023-42818?
You can find more information about CVE-2023-42818 at https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv.

collector/nvd-api
collector/nvd-index
agent/type
agent/weakness
agent/author
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/severity
agent/last-modified-date
agent/tags
agent/description
agent/event
agent/first-publish-date
vendor/fit2cloud
canonical/fit2cloud jumpserver
version/fit2cloud jumpserver/3.6.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.