Описание
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.637 (включая)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
Конфигурация 2Версия до 1.625.1 (включая)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Конфигурация 3
cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
Конфигурация 4Версия до 3.1 (включая)
cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 96%
0.27392
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
CWE-200
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 10 лет назад
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
redhat
около 10 лет назад
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
CVSS3: 7.5
debian
около 10 лет назад
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 ...
CVSS3: 7.5
github
больше 3 лет назад
Jenkins discloses project names via fingerprints
EPSS
Процентиль: 96%
0.27392
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
CWE-200