Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.112332 |
Kategorie: | Web application abuses |
Titel: | Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Windows |
Zusammenfassung: | Jenkins is prone to multiple vulnerabilities. |
Beschreibung: | Summary: Jenkins is prone to multiple vulnerabilities. Vulnerability Insight: Jenkins is prone to the following vulnerabilities: - Users without Overall/Read permission can have Jenkins reset parts of global configuration on the next restart (CVE-2018-1999001). - Arbitrary file read vulnerability (CVE-2018-1999002). - Unauthorized users could cancel queued builds (CVE-2018-1999003). - Unauthorized users could initiate and abort agent launches (CVE-2018-1999004). - Stored XSS vulnerability (CVE-2018-1999005). - Unauthorized users are able to determine when a plugin was extracted from its JPI package (CVE-2018-1999006). - XSS vulnerability in Stapler debug mode (CVE-2018-1999007). Affected Software/OS: Jenkins LTS up to and including 2.121.1, Jenkins weekly up to and including 2.132. Solution: Upgrade to Jenkins weekly to 2.132 or later / Jenkins LTS to 2.121.2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999001 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999002 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999003 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999004 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999005 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999006 Common Vulnerability Exposure (CVE) ID: CVE-2018-1999007 |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |