JumpServer is an open source bastion host and an operation and maintenance security audit system.
An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, potentially compromising the integrity and security of the system. This vulnerability is fixed in v3.10.6.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-29T14:45:56.377Z
Updated: 2024-08-02T01:03:51.546Z
Reserved: 2024-03-14T16:59:47.611Z
Link: CVE-2024-29024
Vulnrichment
Updated: 2024-08-02T01:03:51.546Z
NVD
Status : Awaiting Analysis
Published: 2024-03-29T15:15:11.707
Modified: 2024-11-21T09:07:23.763
Link: CVE-2024-29024
Redhat
No data.