Описание
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.
Отчет
This vulnerability affects the Jenkins 2.335 through 2.355 (both inclusive). Red Hat products use Jenkins version 2.319 which is NOT affected by this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | jenkins | Not affected | ||
| Red Hat OpenShift Container Platform 4 | jenkins | Not affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some ...
7.5 High
CVSS3