CVE-2015-1814

Опубликовано: 16 окт. 2015

Источник: debian

EPSS Низкий

Описание

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

Примечания

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23

EPSS

Процентиль: 47%

0.00239

Низкий

Связанные уязвимости

CVE-2015-1814

ubuntu

больше 10 лет назад

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.

CVE-2015-1814

redhat

почти 11 лет назад

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.

CVE-2015-1814

nvd

больше 10 лет назад

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.

GHSA-3269-jqp5-v8c9

github

больше 3 лет назад

Jenkins allows for Privilege Escalation by Remote Authenticated Users

EPSS

Процентиль: 47%

0.00239

Низкий