Cloudbees Jenkins Luki w zabezpieczeniach

Oś czasu

Wersja

1.637	10
1.532.1	9
1.550	9
1.549	8
2.0	7

Przeciwdziałanie

Official Fix	66
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	2

Wykorzystywanie

High	2
Functional	0
Proof-of-Concept	1
Unproven	0
Not Defined	65

Wektor dostępu

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	68

Uwierzytelnianie

Not Defined	0
High	0
Low	18
None	50

Interakcja z użytkownikiem

Not Defined	0
Required	41
None	27

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	5
≤5	21
≤6	14
≤7	12
≤8	11
≤9	3
≤10	2

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	5
≤5	21
≤6	24
≤7	10
≤8	4
≤9	2
≤10	2

VulDB

≤1	0
≤2	0
≤3	0
≤4	5
≤5	21
≤6	11
≤7	11
≤8	14
≤9	4
≤10	2

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	4
≤6	2
≤7	3
≤8	2
≤9	3
≤10	3

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	16
<2k	28
<5k	24
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	68
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (29): 1.309, 1.399, 1.423, 1.424, 1.424.0.1, 1.424.1, 1.424.2, 1.424.3, 1.424.4, 1.466, 1.480, 1.509, 1.513, 1.523, 1.532.1, 1.549, 1.550, 1.586, 1.625, 1.625.1, 1.637, 1.639, 1.649, 2.0, 2.1, 2.2, 2.150.2.3, LTS 1.651, LTS 1.651.1

Link to Product Website: https://www.cloudbees.com/

Typ oprogramowania: Continuous Integration Software

Opublikowano	Base	Temp	Słaby punkt	0day	Dzisiaj	Wyk	Prz	CTI	CVE
2019-04-19	7.5	7.5	CloudBees Jenkins Operations Center Configuration Page Credentials privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	CVE-2019-11350
2016-05-17	5.9	5.7	CloudBees Jenkins API URL xml information disclosure	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2016-3727
2016-05-17	7.4	7.2	CloudBees Jenkins Redirect	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2016-3726
2016-05-17	5.9	5.7	CloudBees Jenkins Updater privilege escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2016-3725
2016-05-17	7.0	6.8	CloudBees Jenkins Job Configuration Password information disclosure	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2016-3724
2016-05-17	5.9	5.7	CloudBees Jenkins XML/JSON API Endpoint information disclosure	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2016-3723
2016-05-17	5.9	5.7	CloudBees Jenkins Full Name privilege escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2016-3722
2016-05-17	7.0	6.8	CloudBees Jenkins Build Parameter Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2016-3721
2016-04-07	7.5	7.4	CloudBees Jenkins API privilege escalation	$0-$5k	$0-$5k	High	Official Fix	0.03	CVE-2016-0792
2016-04-07	9.8	9.6	CloudBees Jenkins CSRF Token Verification information disclosure	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2016-0791

58 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 58 results.

więcej wpisów autorstwa Cloudbees

◂ PoprzedniPrzeglądKolejny ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!