exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-2613

больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406). Accessing these URLs now no longer results in a user record getting created, Jenkins will respond with 404 Not Found if no such user exists. When using the internal Jenkins user database, new users can be created via Manage Jenkins » Manage Users.

CVSS3: 5.4

EPSS: Низкий

CVE-2017-2613

около 9 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).

CVSS3: 5.4

EPSS: Низкий

CVE-2017-2613

больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).

CVSS3: 5.4

EPSS: Низкий

CVE-2017-2613

больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation ...

CVSS3: 5.4

EPSS: Низкий

GHSA-pwv6-872c-gcg6

больше 3 лет назад

Cross-Site Request Forgery in Jenkins

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-2613 jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406). Accessing these URLs now no longer results in a user record getting created, Jenkins will respond with 404 Not Found if no such user exists. When using the internal Jenkins user database, new users can be created via Manage Jenkins » Manage Users.	CVSS3: 5.4	0% Низкий	больше 7 лет назад
CVE-2017-2613 jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).	CVSS3: 5.4	0% Низкий	около 9 лет назад
CVE-2017-2613 jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).	CVSS3: 5.4	0% Низкий	больше 7 лет назад
CVE-2017-2613 jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation ...	CVSS3: 5.4	0% Низкий	больше 7 лет назад
GHSA-pwv6-872c-gcg6 Cross-Site Request Forgery in Jenkins	CVSS3: 5.4	0% Низкий	больше 3 лет назад

Уязвимостей на страницу