COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-48193

CVE-2023-48193

Severity
critical
Source
NVD · cve
Published
2023-11-28
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-48193
⚡ RCE shame 50/100 rce

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users wh

Players implicated

fit2cloud · vendorjumpserver · product

Description

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users who are allowed to execute files.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.