CVE-2024-24763

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 20, 2024

Updated: Dec 17, 2024

CWE ID 601

Summary

CVE-2024-24763 is a vulnerability affecting JumpServer, an open-source bastion host and security audit system. Before version 3.10.0, this software was susceptible to phishing and cross-site scripting attacks. Attackers could craft malicious links, inducing unsuspecting users to click on them. This vulnerability has been addressed in version 3.10.0, which includes a patch. Currently, there are no known workarounds for mitigating this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Jumpserver
Fit2cloud Jumpserver

Affected Vendors

FIT2CLOUD

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uVGiIS
https://www.cve.org/CVERecord?id=CVE-2024-24763
https://nvd.nist.gov/vuln/detail/CVE-2024-24763

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners