Описание
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allow ...
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2