CVE-2024-43045

Опубликовано: 07 авг. 2024

Источник: debian

EPSS Низкий

Описание

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

EPSS

Процентиль: 68%

0.00567

Низкий

Связанные уязвимости

CVE-2024-43045

CVSS3: 5.4

redhat

больше 1 года назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

CVE-2024-43045

CVSS3: 6.3

nvd

больше 1 года назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

GHSA-8pv9-qh96-9hc6

CVSS3: 5.4

github

больше 1 года назад

Jenkins does not perform a permission check in an HTTP endpoint

ROS-20240918-10

CVSS3: 6.3

redos

больше 1 года назад

Множественные уязвимости jenkins

EPSS

Процентиль: 68%

0.00567

Низкий