Описание
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-3662
- https://access.redhat.com/errata/RHBA-2014:1630
- https://access.redhat.com/errata/RHSA-2016:0070
- https://access.redhat.com/security/cve/CVE-2014-3662
- https://bugzilla.redhat.com/show_bug.cgi?id=1147759
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
Пакеты
org.jenkins-ci.main:jenkins-core
>= 1.566, < 1.583
1.583
org.jenkins-ci.main:jenkins-core
< 1.565.3
1.565.3
Связанные уязвимости
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...