Описание
The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8 (включая)
Одно из
cpe:2.3:a:jenkins-ci:exclusion:*:-:*:*:*:cloudbees_jenkins:*:*
cpe:2.3:a:jenkins-ci:exclusion:0.6:-:*:*:*:cloudbees_jenkins:*:*
cpe:2.3:a:jenkins-ci:exclusion:0.7:-:*:*:*:cloudbees_jenkins:*:*
EPSS
Процентиль: 60%
0.00403
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
около 12 лет назад
The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.
redhat
около 12 лет назад
The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.
debian
около 12 лет назад
The Exclusion plugin before 0.9 for Jenkins does not properly prevent ...
EPSS
Процентиль: 60%
0.00403
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264