JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, potentially compromising the integrity and security of the system. This vulnerability is fixed in v3.10.6.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-29T14:45:56.377Z

Updated: 2024-08-02T01:03:51.546Z

Reserved: 2024-03-14T16:59:47.611Z

Link: CVE-2024-29024

cve-icon Vulnrichment

Updated: 2024-08-02T01:03:51.546Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-29T15:15:11.707

Modified: 2024-11-21T09:07:23.763

Link: CVE-2024-29024

cve-icon Redhat

No data.