PT-2013-2241 · Cloudbees+1 · Jenkins

Kurt Seifried

·

Publicado

2013-03-19

·

Atualizado

2022-05-05

·

CVE-2013-0330

CVSS v4.0

5.3

Média

VetorAV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 1.502 Jenkins LTS versions prior to 1.480.3
Description The issue allows remote authenticated users with write access to build arbitrary jobs. The attack vectors for this issue are not specified.
Recommendations For versions prior to 1.502, update to version 1.502 or later. For LTS versions prior to 1.480.3, update to version 1.480.3 or later.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2013-0330
GHSA-25C5-58XW-HW5Q
RHSA-2013:0638

Produtos afetados

Jenkins