Описание
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.375.4 (исключая)Версия до 2.394 (исключая)
Одно из
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
EPSS
Процентиль: 58%
0.00368
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
redhat
почти 3 года назад
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
CVSS3: 5.3
debian
почти 3 года назад
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error sta ...
CVSS3: 3.1
github
почти 3 года назад
Information disclosure through error stack traces related to agents
EPSS
Процентиль: 58%
0.00368
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo