PT-2018-9291 · Jenkins · Jenkins Mercurial Plugin+1

Publicado

2018-03-13

·

Atualizado

2022-05-13

·

CVE-2018-1000112

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Jenkins Mercurial Plugin versions 2.2 and earlier
Description: An improper authorization issue exists that allows an attacker with network access to obtain a list of nodes and users.
Recommendations: For Jenkins Mercurial Plugin versions 2.2 and earlier, update to a version later than 2.2 to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2018-1000112
GHSA-F9CX-789C-W2MR

Produtos afetados

Jenkins
Jenkins Mercurial Plugin