Vulnerability in JumpServer's Kubernetes Session Feature Allows Unauthorized Access
CVE-2025-27095

4.3 MEDIUM

Key Information:

Vendor: Jumpserver
CVE Published: 31 March 2025

What is CVE-2025-27095?

CVE-2025-27095 is a vulnerability found in JumpServer, an open-source bastion host and an operations and maintenance security audit system designed to provide secure access management and monitoring for various IT resources. This vulnerability allows an attacker with a low-privileged account to exploit the Kubernetes session feature. By manipulating the kubeconfig file, the attacker can redirect API requests to an external, malicious server, which can lead to unauthorized access to the Kubernetes cluster. The implications of this vulnerability are serious, as it can compromise the security of Kubernetes-managed resources within an organization.

Technical Details

The vulnerability specifically affects versions prior to 4.8.0 and 3.10.18 of JumpServer. An attacker with minimal privileges can access the Kubernetes session feature and alter the kubeconfig file. This alteration enables the attacker to route API requests to an external server that they control. Consequently, the attacker can intercept and capture the Kubernetes cluster token, facilitating unauthorized access to and manipulation of the cluster’s resources.
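
A defensive check for the kubeconfig redirection described above, as an added example (not JumpServer's code or its actual fix): before a stored cluster token is paired with a user-influenced kubeconfig, confirm every cluster entry still points at an approved API server. The approved endpoint, sample hostnames, and function names are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: endpoints this bastion may talk to (constructed values).
APPROVED_SERVERS = {("k8s-prod.internal.example", 6443)}

def endpoint(server):
    """Return (host, port) for a plain https URL, else None."""
    try:
        u = urlsplit(str(server or ""))
        if u.scheme != "https" or u.username or not u.hostname:
            return None
        return (u.hostname.lower(), u.port or 443)
    except ValueError:  # malformed host or port
        return None

def audit_kubeconfig(cfg, approved=APPROVED_SERVERS):
    """Return reasons this kubeconfig must not be paired with a stored token."""
    findings, rejected = [], set()
    for item in cfg.get("clusters") or []:
        name, cluster = item.get("name"), item.get("cluster") or {}
        if endpoint(cluster.get("server")) not in approved:
            findings.append(f"cluster {name}: server {cluster.get('server')!r} not approved")
            rejected.add(name)
        if cluster.get("proxy-url"):
            findings.append(f"cluster {name}: proxy-url reroutes API traffic")
            rejected.add(name)
        if cluster.get("insecure-skip-tls-verify"):
            findings.append(f"cluster {name}: TLS verification disabled")
            rejected.add(name)
    # A context binds a user's credentials to a cluster, so flag every
    # context whose requests (and bearer token) would leave the approved set.
    for item in cfg.get("contexts") or []:
        ctx = item.get("context") or {}
        if ctx.get("cluster") in rejected:
            findings.append(f"context {item.get('name')}: user {ctx.get('user')!r} "
                            "credentials would go to a rejected cluster")
    return findings

def sample(server):
    """Constructed kubeconfig (already parsed) with one cluster, user and context."""
    return {
        "clusters": [{"name": "prod", "cluster": {"server": server}}],
        "users": [{"name": "svc", "user": {"token": "REDACTED"}}],
        "contexts": [{"name": "prod", "context": {"cluster": "prod", "user": "svc"}}],
    }

if __name__ == "__main__":
    for url in ("https://k8s-prod.internal.example:6443", "https://collector.example.net"):
        print(url, audit_kubeconfig(sample(url)))
```

The function takes an already-parsed kubeconfig, so it works on the output of any YAML loader or of `kubectl config view -o json`.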

Potential impact of CVE-2025-27095

  1. Unauthorized Access to Kubernetes Clusters: Attackers can gain unauthorized access to sensitive Kubernetes clusters, leading to potential data breaches and compromise of critical resources.

  2. Manipulation of API Requests: With the ability to redirect API requests, attackers can perform unauthorized actions within the Kubernetes cluster, including the deployment of malicious software or other security threats.

  3. Risk of Information Leakage: The interception of cluster tokens can lead to significant information leakage, including exposure of sensitive data and operational details, which can be leveraged for further attacks or exploitation.

Affected Version(s)

jumpserver < 3.10.18

jumpserver >= 4.0.0, < 4.8.0

CVSS V3.1

Score: 4.3
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
