Описание
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.532.1 (включая)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Конфигурация 2Версия до 1.550 (включая)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
больше 11 лет назад
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
debian
больше 11 лет назад
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows rem ...
EPSS
Процентиль: 18%
0.00056
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-264