Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-21640

Опубликовано: 07 апр. 2021
Источник: nvd
CVSS3: 4.3
CVSS2: 4
EPSS Низкий

Описание

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Версия до 2.277.1 (включая)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
Версия до 2.286 (включая)

EPSS

Процентиль: 72%
0.00703
Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

Связанные уязвимости

ubuntu логотип

CVE-2021-21640

CVSS3: 4.3
ubuntu
почти 5 лет назад

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names.

redhat логотип

CVE-2021-21640

CVSS3: 4.3
redhat
почти 5 лет назад

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names.

debian логотип

CVE-2021-21640

CVSS3: 4.3
debian
почти 5 лет назад

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly c ...

github логотип

GHSA-w2hv-rcqr-2h7r

CVSS3: 4.3
github
больше 3 лет назад

View name validation bypass in Jenkins

EPSS

Процентиль: 72%
0.00703
Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты