Описание
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.10.2 (включая)
cpe:2.3:a:jenkins:subversion:*:*:*:*:*:jenkins:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 5.3
redhat
почти 8 лет назад
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.
CVSS3: 5.3
github
больше 3 лет назад
Jenkins Subversion Plugin Incorrect Authorization vulnerability
EPSS
Процентиль: 11%
0.00038
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-863