CVE-2024-29020

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Mar 29, 2024

Updated: Jan 9, 2025

CWE ID 639

Summary

CVE-2024-29020 is a vulnerability affecting JumpServer, an open-source bastion host and security audit system. An attacker who gains authorization can access sensitive information contained within other users' playbook files by learning their playbook_id. This breach exposes confidential data and potentially leads to information disclosure. The vulnerability is resolved in v3.10.6.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fit2cloud Jumpserver

Affected Vendors

FIT2CLOUD

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vFj28i
https://www.cve.org/CVERecord?id=CVE-2024-29020
https://nvd.nist.gov/vuln/detail/CVE-2024-29020

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners