CVE-2015-5320 in Jenkinsinformación

Resumen (Inglés)

CloudBees Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2015-07-01

Divulgación

2015-11-25

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
79321	CloudBees Jenkins JNLP Slave Connection divulgación de información	200	No está definido	Arreglo oficial	CVE-2015-5320

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you know our Splunk app?

Download it now for free!