Appspider Plugin 漏洞

时间轴

版本

1.0.04
1.0.14
1.0.24
1.0.34
1.0.44

修正

Official Fix0
Temporary Fix0
Workaround0
Unavailable0
Not Defined4

易受攻击性

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined4

访问向量

Not Defined0
Physical0
Local0
Adjacent3
Network1

身份验证

Not Defined0
High0
Low3
None1

用户交互

Not Defined0
Required1
None3

C3BM Index

去年

CVSSv3 Base

≤10
≤20
≤30
≤41
≤53
≤60
≤70
≤80
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤41
≤53
≤60
≤70
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤42
≤51
≤61
≤70
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤51
≤61
≤70
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k1
<2k3
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

本日攻击

<1k4
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (16): 1, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.0.11, 1.0.12, 1.0.13, 1.0.14, 1.0.15, 1.0.16

Link to Product Website: https://jenkins.io/

软件类型: Continuous Integration Software

已发布BaseTemp漏洞0day今天修正CTICVE
2024-03-063.53.5Jenkins AppSpider Plugin HTTP Endpoint 权限升级$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2024-28155
2023-05-174.34.3AppSpider Plugin HTTP POST Request 跨网站请求伪造$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-32998
2023-05-174.94.9AppSpider Plugin 权限升级$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-32999
2020-11-044.54.5AppSpider Plugin Configuration File 权限升级$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-2314

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!