exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2018-1999001

больше 7 лет назад

A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users.

CVSS3: 8.8

EPSS: Средний

CVE-2018-1999001

больше 7 лет назад

A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users.

CVSS3: 8.8

EPSS: Средний

CVE-2018-1999001

больше 7 лет назад

A unauthorized modification of configuration vulnerability exists in J ...

CVSS3: 8.8

EPSS: Средний

GHSA-j8qv-mj4r-6fw4

больше 3 лет назад

Improper Input Validation in Jenkins

CVSS3: 8.8

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-1999001 A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users.	CVSS3: 8.8	27% Средний	больше 7 лет назад
CVE-2018-1999001 A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users.	CVSS3: 8.8	27% Средний	больше 7 лет назад
CVE-2018-1999001 A unauthorized modification of configuration vulnerability exists in J ...	CVSS3: 8.8	27% Средний	больше 7 лет назад
GHSA-j8qv-mj4r-6fw4 Improper Input Validation in Jenkins	CVSS3: 8.8	27% Средний	больше 3 лет назад

Уязвимостей на страницу