Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-1000067

Опубликовано: 14 фев. 2018
Источник: redhat
CVSS3: 6.4

Описание

An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Enterprise 3jenkinsAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-287
https://bugzilla.redhat.com/show_bug.cgi?id=1545899jenkins: Improperly secured form validation for proxy configuration allows Server-Side Request Forgery

6.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-1000067

CVSS3: 5.3
ubuntu
почти 8 лет назад

An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.

nvd логотип

CVE-2018-1000067

CVSS3: 5.3
nvd
почти 8 лет назад

An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.

debian логотип

CVE-2018-1000067

CVSS3: 5.3
debian
почти 8 лет назад

An improper authorization vulnerability exists in Jenkins versions 2.1 ...

github логотип

GHSA-6mv9-hcx5-7mhh

CVSS3: 5.3
github
больше 3 лет назад

Server-Side Request Forgery in Jenkins

6.4 Medium

CVSS3