PT-2013-6015 · Jenkins · Jenkins Exclusion Plugin

Mwebber

·

Published

2013-11-25

·

Updated

2022-05-17

·

CVE-2013-6373

CVSS v2.0

5.5

Medium

VectorAV:N/AC:L/Au:S/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions Jenkins Exclusion plugin versions prior to 0.9
Description The issue allows remote authenticated users to list and release resources due to improper access prevention to resource locks.
Recommendations For Jenkins Exclusion plugin versions prior to 0.9, update to version 0.9 or later to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-284

Related Identifiers

CVE-2013-6373
GHSA-2Q8V-439J-6P77

Affected Products

Jenkins Exclusion Plugin