CVE-2024-43045

Опубликовано: 07 авг. 2024

Источник: debian

Описание

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

Связанные уязвимости

CVE-2024-43045

CVSS3: 5.4

redhat

11 месяцев назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

CVE-2024-43045

CVSS3: 6.3

nvd

11 месяцев назад

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

GHSA-8pv9-qh96-9hc6

CVSS3: 5.4

github

11 месяцев назад

Jenkins does not perform a permission check in an HTTP endpoint

ROS-20240918-10

CVSS3: 6.3

redos

9 месяцев назад

Множественные уязвимости jenkins