CVE-2024-40628

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.12 JumpServer versions prior to 4.0.0

Description: JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure. The Celery container runs as root and has database access, allowing the attacker to steal all secrets for hosts, create a new JumpServer account with admin privileges, or manipulate the database in other ways.

Recommendations: For JumpServer versions prior to 3.10.12, upgrade to version 3.10.12 or later. For JumpServer versions prior to 4.0.0, upgrade to version 4.0.0 or later. As a temporary workaround, consider restricting access to the Celery container to minimize the risk of exploitation.