PT-2016-5679 · Cloudbees+1 · Jenkins
Steve Marlowe
·
Publicado
2016-05-17
·
Atualizado
2022-05-14
·
CVE-2016-3722
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Jenkins versions prior to 2.3
Jenkins LTS versions prior to 1.651.2
Description
The issue allows remote authenticated users with multiple accounts to cause a denial of service, resulting in an inability to login, by editing the
full name.Recommendations
For Jenkins versions prior to 2.3, update to version 2.3 or later.
For Jenkins LTS versions prior to 1.651.2, update to version 1.651.2 or later.
Correção
DoS
Incorrect Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Jenkins