
Test ID: 1.3.6.1.4.1.25623.1.0.112332
Category: Web application abuses
Title: Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Windows
Summary: Jenkins is prone to multiple vulnerabilities.
Description: Summary:
Jenkins is prone to multiple vulnerabilities.

Vulnerability Insight:
Jenkins is prone to the following vulnerabilities:

- Users without Overall/Read permission can have Jenkins reset parts of global configuration on the next restart (CVE-2018-1999001).

- Arbitrary file read vulnerability (CVE-2018-1999002).

- Unauthorized users could cancel queued builds (CVE-2018-1999003).

- Unauthorized users could initiate and abort agent launches (CVE-2018-1999004).

- Stored XSS vulnerability (CVE-2018-1999005).

- Unauthorized users are able to determine when a plugin was extracted from its JPI package (CVE-2018-1999006).

- XSS vulnerability in Stapler debug mode (CVE-2018-1999007).

Affected Software/OS:
Jenkins LTS up to and including 2.121.1, Jenkins weekly up to and including 2.132.

Solution:
Upgrade Jenkins weekly to 2.132 or later / Jenkins LTS to 2.121.2 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross reference: Common Vulnerability Exposure (CVE) ID: CVE-2018-1999001
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999002
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999003
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999004
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999005
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999006
Common Vulnerability Exposure (CVE) ID: CVE-2018-1999007
Copyright: Copyright (C) 2018 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.