Product
jamf
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-31224
CVE-2022-29564
CVE-2021-40809
CVE-2021-39303
CVE-2021-35037
CVE-2021-30125
CVE-2019-17076
CVE-2018-10465
CVE-2019-9146
CVE-2012-4051
< 10.47.0
There is broken access control during authentication in Jamf Pro Server before 10.46.1.
< 2022-05-16
Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the intern
< 10.32.0
An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An account can be granted incorrect privileges in response to a
< 10.32.0
The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article abo
< 10.30.1
Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environme
< 10.28.0
Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376.
>= 9.4 and <= 9.101.4
An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several AP
>= 10.0.0 and < 10.3.0
Jamf Pro 10.x before 10.3.0 has Incorrect Access Control. Jamf Pro user accounts and groups with access to log in to Jamf Pro had
all versions
Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts"
<= 8.6
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF