Improper Authentication in JumpServer - CVE-2023-43652


Published: September 27, 2023 / Updated: April 27, 2026


Vulnerability identifier: #VU128134
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-43652
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: JumpServer
Software vendor: JumpServer

Description

The vulnerability allows a remote attacker to gain access to the current user's information and authorized actions.

The vulnerability exists due to improper authentication in the authentication token API for the KoKo component when handling SSH public key login validation requests. A remote attacker can submit a username and a leaked SSH public key to gain access to the current user's information and authorized actions.

The API does not verify the source of requests before generating a personal authentication token.
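The following is an added illustration of the flaw pattern described above, not JumpServer's or KoKo's actual code: a hypothetical token-issuing endpoint modelled in Python. `issue_token_unverified` shows the weak pattern (a personal token is minted for anyone who presents a username and a matching SSH public key, a value that is not secret and may be leaked), and `issue_token_verified` shows one way to enforce the missing source check: the request must carry an HMAC under a secret that only the trusted SSH gateway component holds, must be fresh, and must not be a replay. The user store, key strings and shared secret are constructed sample values.

```python
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample account store (hypothetical; not JumpServer's data model).
USERS = {
    "alice": {
        "ssh_public_keys": {"ssh-ed25519 AAAAC3Nz-constructed-alice"},
        "authorized_actions": ["connect:web-01"],
    },
}


def _mint_token(username):
    """Personal token for the user: opaque random value plus the user's grants."""
    return {
        "user": username,
        "token": secrets.token_urlsafe(32),
        "authorized_actions": list(USERS[username]["authorized_actions"]),
    }


def issue_token_unverified(username, public_key):
    """Weak pattern: the API trusts any caller. A username plus the matching
    public key (which is not a secret) is enough to obtain a personal token."""
    user = USERS.get(username)
    if user is None or public_key not in user["ssh_public_keys"]:
        return None
    return _mint_token(username)


def _canonical(payload):
    # Deterministic encoding so both sides MAC the same bytes.
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


class GatewayRequestVerifier:
    """Accepts a request only if it is authenticated by the shared secret held
    by the trusted gateway component, is recent, and its nonce is unused."""

    def __init__(self, shared_secret, max_skew_seconds=30):
        self._secret = shared_secret
        self._max_skew = max_skew_seconds
        self._seen_nonces = set()  # replay protection; persist it in production

    def sign(self, payload):
        # The gateway side computes this; it is on the same object here only
        # to keep the example self-contained.
        return hmac.new(self._secret, _canonical(payload), hashlib.sha256).hexdigest()

    def verify(self, payload, signature, now=None):
        now = time.time() if now is None else now
        if not hmac.compare_digest(self.sign(payload), signature):
            return False, "bad signature"
        if abs(now - payload["ts"]) > self._max_skew:
            return False, "stale request"
        if payload["nonce"] in self._seen_nonces:
            return False, "replayed nonce"
        self._seen_nonces.add(payload["nonce"])
        return True, "ok"


def issue_token_verified(verifier, payload, signature, now=None):
    """Hardened pattern: verify the request source before consulting the key."""
    ok, reason = verifier.verify(payload, signature, now)
    if not ok:
        return None, reason
    user = USERS.get(payload["username"])
    if user is None or payload["public_key"] not in user["ssh_public_keys"]:
        return None, "unknown user or key"
    return _mint_token(payload["username"]), "ok"


def gateway_request(username, public_key, now=None):
    """Payload the trusted gateway would send: user, key, timestamp, nonce."""
    now = time.time() if now is None else now
    return {"username": username, "public_key": public_key,
            "ts": now, "nonce": secrets.token_hex(16)}


if __name__ == "__main__":
    key = "ssh-ed25519 AAAAC3Nz-constructed-alice"
    print("unverified:", issue_token_unverified("alice", key) is not None)
    v = GatewayRequestVerifier(b"constructed-shared-secret")
    req = gateway_request("alice", key)
    print("verified, genuine:", issue_token_verified(v, req, v.sign(req))[1])
    print("verified, replay:", issue_token_verified(v, req, v.sign(req))[1])
```

The point of the hardened path is that possession of a username and public key no longer suffices: an outside caller cannot produce a valid MAC, a captured request expires, and a replayed one is refused. Logging the rejection reason gives defenders a signal to alert on.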


Remediation

Install the security update from the vendor's website.

External links