Patch NOW !!

Critical: CVE-2024-40628 and CVE-2024-40629 :: CVSS Score 10

JumpServer File Read and Upload Vulnerability

Advisories:

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-3wgp-q8m7-v33v

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-rpf7-g4xh-84v9

https://nsfocusglobal.com/jumpserver-file-read-and-upload-vulnerability-cve-2024-40628-cve-2024-40629-notification/

#PatchNOW

#JumpServer

#ComputerSecurity

#hacked

#Cyberattack

#infosec

#informationsecurity

#CyberSecurityAwareness

#DataBreach

#tech

#Privacy

#Cybersecurity

Arbitrary File Write in Ansible Playbooks leads to RCE

### Impact An attacker can exploit the Ansible playbook to write arbitrary files, leading to remote code execution (RCE) in the Celery container. The Celery container runs as root and has databa...

GitHub
Jul 31, 2024 at 4:40amWeb