Lucene search

[email protected]CVE-2013-0330

HistoryMar 19, 2013 - 2:55 p.m.

CVE-2013-0330

2013-03-1914:55:02

[email protected]

web.nvd.nist.gov

cve-2013-0330

jenkins

vulnerability

remote authenticated users

arbitrary jobs

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.

Affected configurations

NVD

Node

jenkinsjenkinsRange≤1.480.2lts

Node

jenkinsjenkinsRange≤1.501

CPENameOperatorVersion
jenkins:jenkinsjenkinsle1.480.2

CPE	Name	Operator	Version
jenkins:jenkins	jenkins	le	1.480.2

References

rhn.redhat.com/errata/RHSA-2013-0638.html

www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb

www.openwall.com/lists/oss-security/2013/02/21/7

www.securityfocus.com/bid/57994

bugzilla.redhat.com/show_bug.cgi?id=914878

wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

Related for CVE-2013-0330

prion1 ubuntucve1 cvelist1 nvd1 openvas2 nessus2 veracode5 redhat1