CVE-2025-27095

Exploit

EPSS 0.29%
Veröffentlicht 31.03.2025 16:15:23
Zuletzt bearbeitet 12.11.2025 15:50:12
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

JumpServer has a Kubernetes Token Leak Vulnerability

JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an external server controlled by the attacker. This allows the attacker to intercept and capture the Kubernetes cluster token. This can potentially allow unauthorized access to the cluster and compromise its security. This vulnerability is fixed in 4.8.0 and 3.10.18.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fit2cloud ≫ Jumpserver Version < 3.10.18

Fit2cloud ≫ Jumpserver Version >= 4.0.0 < 4.8.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.2

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-266 Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

https://github.com/jumpserver/jumpserver/security/advisories/GHSA-5q9w-f4wh-f535

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-27095

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-27095

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27095

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-27095