Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-5318

Опубликовано: 25 нояб. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8

Описание

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

DNE

trusty/esm

DNE

upstream

released

1.638, 1.625.2
vivid

DNE

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 18%
0.00058
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-5318

redhat
около 10 лет назад

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.

nvd логотип

CVE-2015-5318

nvd
около 10 лет назад

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.

debian логотип

CVE-2015-5318

debian
около 10 лет назад

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible ...

github логотип

GHSA-3wmv-7php-rhg5

github
больше 3 лет назад

Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack

EPSS

Процентиль: 18%
0.00058
Низкий

6.8 Medium

CVSS2