Описание
Jenkins allows attackers to obtain the master cryptographic key
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-0158
- https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04
- https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5
- https://github.com/jenkinsci/jenkins/commit/48ecccc1669f325acf72953923f9d9620b2590e3
- https://github.com/jenkinsci/jenkins/commit/56e4b6e287046e4ad2a02f8bd70225a86e74bd34
- https://github.com/jenkinsci/jenkins/commit/7983ae3baea779df18862623d594744b8d285392
- https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602
- https://github.com/jenkinsci/jenkins/commit/9fb6c2ca0c73b43cc2e6d08c09707ee67005e526
- https://github.com/jenkinsci/jenkins/commit/a411b0c3b32eb314d5a26b64de1b3d5db2760443
- https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd
- https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
- https://github.com/jenkinsci/jenkins/commit/e401c7cfe7b28b6ff9d0893e89c2568596b96915
- https://bugzilla.redhat.com/show_bug.cgi?id=892795
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04
- http://rhn.redhat.com/errata/RHSA-2013-0220.html
- http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb
- http://www.openwall.com/lists/oss-security/2013/01/07/4
Пакеты
org.jenkins-ci.main:jenkins-core
>= 1.481, < 1.498
1.498
org.jenkins-ci.main:jenkins-core
< 1.480.2
1.480.2
EPSS
CVE ID
Связанные уязвимости
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before ...
EPSS