Описание
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.
Ссылки
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.466.2 (исключая)Версия до 1.482 (исключая)
Одно из
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
EPSS
Процентиль: 78%
0.01121
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 6 лет назад
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.
redhat
больше 13 лет назад
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.
CVSS3: 8.8
debian
около 6 лет назад
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attacke ...
CVSS3: 8.8
github
почти 4 года назад
Jenkins allows Data Insertion and Execution of Code by those with Read and HTTP Access
EPSS
Процентиль: 78%
0.01121
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-20