ByteOS Network

NVD Vulnerability Details :

CVE-2015-1807

Modified

Source-secalert@redhat.com

Published At-16 Oct, 2015 | 20:59

Updated At-06 May, 2026 | 22:30

Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	3.5	LOW	AV:N/AC:M/Au:S/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 3.5

Base severity: LOW

Vector:

AV:N/AC:M/Au:S/C:P/I:N/A:N

CPE Matches

Jenkins

>>jenkins>>Versions up to 1.580.3(inclusive)

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

Jenkins

>>jenkins>>Versions up to 1.599(inclusive)

cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*

Red Hat, Inc.

>>openshift>>Versions up to 3.1(inclusive)

cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-22	Primary	nvd@nist.gov

CWE ID: CWE-22

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://rhn.redhat.com/errata/RHSA-2015-1844.html	secalert@redhat.com	N/A
https://access.redhat.com/errata/RHSA-2016:0070	secalert@redhat.com	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1205622	secalert@redhat.com	N/A
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27	secalert@redhat.com	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-1844.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://access.redhat.com/errata/RHSA-2016:0070	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1205622	af854a3a-2127-422b-91ae-364da2661108	N/A
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory