CVE-2024-43045

Опубликовано: 07 авг. 2024

Источник: debian

EPSS Низкий

Описание

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

EPSS

Процентиль: 12%

0.00041

Низкий

Связанные уязвимости

CVE-2024-43045

CVSS3: 5.4

redhat

около 1 года назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

CVE-2024-43045

CVSS3: 6.3

nvd

около 1 года назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

GHSA-8pv9-qh96-9hc6

CVSS3: 5.4

github

около 1 года назад

Jenkins does not perform a permission check in an HTTP endpoint

ROS-20240918-10

CVSS3: 6.3

redos

12 месяцев назад

Множественные уязвимости jenkins

EPSS

Процентиль: 12%

0.00041

Низкий