Описание
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1282366jenkins: API tokens of other users available to admins (SECURITY-200)
EPSS
Процентиль: 42%
0.00201
Низкий
3.6 Low
CVSS2
Связанные уязвимости
ubuntu
около 10 лет назад
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
nvd
около 10 лет назад
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
debian
около 10 лет назад
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict a ...
EPSS
Процентиль: 42%
0.00201
Низкий
3.6 Low
CVSS2