Byte Open Security

(ByteOS Network)

Vulnerability Details :

CVE-2013-0158

Summary
Assigner: redhat
Assigner Org ID: 53f830b8-0a3f-465b-8143-3b8a9948e749
Published At: 24 Feb, 2013 | 22:00
Updated At: 06 Aug, 2024 | 14:18

Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.

▼Common Vulnerabilities and Exposures (CVE)
cve.org
▼CVE Numbering Authority (CNA)


Affected Products
Vendor: n/a
Product: n/a
Versions Affected: n/a
Problem Types
Type: text
CWE ID: N/A
Description: n/a
References
  • https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 (Resource: x_refsource_CONFIRM)
  • http://rhn.redhat.com/errata/RHSA-2013-0220.html (Resource: vendor-advisory, x_refsource_REDHAT)
  • https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 (Resource: x_refsource_CONFIRM)
  • https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 (Resource: x_refsource_CONFIRM)
  • https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 (Resource: x_refsource_CONFIRM)
  • https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd (Resource: x_refsource_CONFIRM)
  • https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 (Resource: x_refsource_CONFIRM)
  • http://www.openwall.com/lists/oss-security/2013/01/07/4 (Resource: mailing-list, x_refsource_MLIST)
  • https://bugzilla.redhat.com/show_bug.cgi?id=892795 (Resource: x_refsource_MISC)
  • http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb (Resource: x_refsource_CONFIRM)
▼Authorized Data Publishers (ADP)
CVE Program Container
References
  • https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 (Resource: x_refsource_CONFIRM, x_transferred)
  • http://rhn.redhat.com/errata/RHSA-2013-0220.html (Resource: vendor-advisory, x_refsource_REDHAT, x_transferred)
  • https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 (Resource: x_refsource_CONFIRM, x_transferred)
  • https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 (Resource: x_refsource_CONFIRM, x_transferred)
  • https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 (Resource: x_refsource_CONFIRM, x_transferred)
  • https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd (Resource: x_refsource_CONFIRM, x_transferred)
  • https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 (Resource: x_refsource_CONFIRM, x_transferred)
  • http://www.openwall.com/lists/oss-security/2013/01/07/4 (Resource: mailing-list, x_refsource_MLIST, x_transferred)
  • https://bugzilla.redhat.com/show_bug.cgi?id=892795 (Resource: x_refsource_MISC, x_transferred)
  • http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb (Resource: x_refsource_CONFIRM, x_transferred)
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source: secalert@redhat.com
Published At: 24 Feb, 2013 | 22:55
Updated At: 11 Apr, 2025 | 00:51


CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Primary
Version: 2.0
Base score: 2.6
Base severity: LOW
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
CPE Matches

  • cloudbees jenkins, versions up to 1.480.3.1 (inclusive): cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*
  • jenkins jenkins 1.400: cpe:2.3:a:jenkins:jenkins:1.400:*:*:*:*:*:*:*
  • jenkins jenkins 1.401: cpe:2.3:a:jenkins:jenkins:1.401:*:*:*:*:*:*:*
  • jenkins jenkins 1.402: cpe:2.3:a:jenkins:jenkins:1.402:*:*:*:*:*:*:*
  • jenkins jenkins 1.403: cpe:2.3:a:jenkins:jenkins:1.403:*:*:*:*:*:*:*
  • jenkins jenkins 1.404: cpe:2.3:a:jenkins:jenkins:1.404:*:*:*:*:*:*:*
  • jenkins jenkins 1.405: cpe:2.3:a:jenkins:jenkins:1.405:*:*:*:*:*:*:*
  • jenkins jenkins 1.406: cpe:2.3:a:jenkins:jenkins:1.406:*:*:*:*:*:*:*
  • jenkins jenkins 1.407: cpe:2.3:a:jenkins:jenkins:1.407:*:*:*:*:*:*:*
  • jenkins jenkins 1.408: cpe:2.3:a:jenkins:jenkins:1.408:*:*:*:*:*:*:*
  • jenkins jenkins 1.409: cpe:2.3:a:jenkins:jenkins:1.409:*:*:*:*:*:*:*
  • jenkins jenkins 1.410: cpe:2.3:a:jenkins:jenkins:1.410:*:*:*:*:*:*:*
  • jenkins jenkins 1.411: cpe:2.3:a:jenkins:jenkins:1.411:*:*:*:*:*:*:*
  • jenkins jenkins 1.412: cpe:2.3:a:jenkins:jenkins:1.412:*:*:*:*:*:*:*
  • jenkins jenkins 1.413: cpe:2.3:a:jenkins:jenkins:1.413:*:*:*:*:*:*:*
  • jenkins jenkins 1.414: cpe:2.3:a:jenkins:jenkins:1.414:*:*:*:*:*:*:*
  • jenkins jenkins 1.415: cpe:2.3:a:jenkins:jenkins:1.415:*:*:*:*:*:*:*
  • jenkins jenkins 1.416: cpe:2.3:a:jenkins:jenkins:1.416:*:*:*:*:*:*:*
  • jenkins jenkins 1.417: cpe:2.3:a:jenkins:jenkins:1.417:*:*:*:*:*:*:*
  • jenkins jenkins 1.418: cpe:2.3:a:jenkins:jenkins:1.418:*:*:*:*:*:*:*
  • jenkins jenkins 1.419: cpe:2.3:a:jenkins:jenkins:1.419:*:*:*:*:*:*:*
  • jenkins jenkins 1.420: cpe:2.3:a:jenkins:jenkins:1.420:*:*:*:*:*:*:*
  • jenkins jenkins 1.421: cpe:2.3:a:jenkins:jenkins:1.421:*:*:*:*:*:*:*
  • jenkins jenkins 1.422: cpe:2.3:a:jenkins:jenkins:1.422:*:*:*:*:*:*:*
  • jenkins jenkins 1.423: cpe:2.3:a:jenkins:jenkins:1.423:*:*:*:*:*:*:*
  • jenkins jenkins 1.424: cpe:2.3:a:jenkins:jenkins:1.424:*:*:*:*:*:*:*
  • jenkins jenkins 1.425: cpe:2.3:a:jenkins:jenkins:1.425:*:*:*:*:*:*:*
  • jenkins jenkins 1.426: cpe:2.3:a:jenkins:jenkins:1.426:*:*:*:*:*:*:*
  • jenkins jenkins 1.427: cpe:2.3:a:jenkins:jenkins:1.427:*:*:*:*:*:*:*
  • jenkins jenkins 1.428: cpe:2.3:a:jenkins:jenkins:1.428:*:*:*:*:*:*:*
  • jenkins jenkins 1.429: cpe:2.3:a:jenkins:jenkins:1.429:*:*:*:*:*:*:*
  • jenkins jenkins 1.430: cpe:2.3:a:jenkins:jenkins:1.430:*:*:*:*:*:*:*
  • jenkins jenkins 1.431: cpe:2.3:a:jenkins:jenkins:1.431:*:*:*:*:*:*:*
  • jenkins jenkins 1.432: cpe:2.3:a:jenkins:jenkins:1.432:*:*:*:*:*:*:*
  • jenkins jenkins 1.433: cpe:2.3:a:jenkins:jenkins:1.433:*:*:*:*:*:*:*
  • jenkins jenkins 1.434: cpe:2.3:a:jenkins:jenkins:1.434:*:*:*:*:*:*:*
  • jenkins jenkins 1.435: cpe:2.3:a:jenkins:jenkins:1.435:*:*:*:*:*:*:*
  • jenkins jenkins 1.436: cpe:2.3:a:jenkins:jenkins:1.436:*:*:*:*:*:*:*
  • jenkins jenkins 1.437: cpe:2.3:a:jenkins:jenkins:1.437:*:*:*:*:*:*:*
  • cloudbees jenkins 1.466.1.2: cpe:2.3:a:cloudbees:jenkins:1.466.1.2:-:enterprise:*:*:*:*:*
  • cloudbees jenkins 1.466.2.1: cpe:2.3:a:cloudbees:jenkins:1.466.2.1:-:enterprise:*:*:*:*:*
  • cloudbees jenkins 1.400: cpe:2.3:a:cloudbees:jenkins:1.400:-:lts:*:*:*:*:*
  • cloudbees jenkins 1.424: cpe:2.3:a:cloudbees:jenkins:1.424:-:lts:*:*:*:*:*
  • cloudbees jenkins 1.447: cpe:2.3:a:cloudbees:jenkins:1.447:-:lts:*:*:*:*:*
  • jenkins jenkins, versions up to 1.466.2 (inclusive): cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
  • jenkins jenkins 1.409.1: cpe:2.3:a:jenkins:jenkins:1.409.1:*:*:*:*:*:*:*
  • jenkins jenkins 1.409.2: cpe:2.3:a:jenkins:jenkins:1.409.2:*:*:*:*:*:*:*
  • jenkins jenkins 1.409.3: cpe:2.3:a:jenkins:jenkins:1.409.3:*:*:*:*:*:*:*
  • jenkins jenkins 1.424.1: cpe:2.3:a:jenkins:jenkins:1.424.1:*:*:*:*:*:*:*
  • jenkins jenkins 1.424.2: cpe:2.3:a:jenkins:jenkins:1.424.2:*:*:*:*:*:*:*
Weaknesses
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
References
  • http://rhn.redhat.com/errata/RHSA-2013-0220.html (Source: secalert@redhat.com; Resource: N/A)
  • http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb (Source: secalert@redhat.com; Resource: Vendor Advisory)
  • http://www.openwall.com/lists/oss-security/2013/01/07/4 (Source: secalert@redhat.com; Resource: N/A)
  • https://bugzilla.redhat.com/show_bug.cgi?id=892795 (Source: secalert@redhat.com; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 (Source: secalert@redhat.com; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 (Source: secalert@redhat.com; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 (Source: secalert@redhat.com; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd (Source: secalert@redhat.com; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 (Source: secalert@redhat.com; Resource: N/A)
  • https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 (Source: secalert@redhat.com; Resource: Vendor Advisory)
  • http://rhn.redhat.com/errata/RHSA-2013-0220.html (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: Vendor Advisory)
  • http://www.openwall.com/lists/oss-security/2013/01/07/4 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://bugzilla.redhat.com/show_bug.cgi?id=892795 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: N/A)
  • https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 (Source: af854a3a-2127-422b-91ae-364da2661108; Resource: Vendor Advisory)


Similar CVEs

2 Records found

CVE-2017-1000092
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.5 (HIGH)
EPSS: 0.15% / 35.73%
7 Day CHG: ~0.00%
Published: 04 Oct, 2017 | 01:00
Updated: 20 Apr, 2025 | 01:37
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.

Action: Not Available
Vendor: n/a, Jenkins
Product: git, n/a
CWE ID: CWE-352, Cross-Site Request Forgery (CSRF)

CVE-2019-10397
Matching Score: 8
Assigner: Jenkins Project
CVSS Score: 3.1 (LOW)
EPSS: 0.03% / 7.81%
7 Day CHG: ~0.00%
Published: 12 Sep, 2019 | 13:55
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure.

Action: Not Available
Vendor: Jenkins
Product: aqua_security_severless_scanner, Jenkins Aqua Security Serverless Scanner Plugin
CWE ID: CWE-319, Cleartext Transmission of Sensitive Information