Lucene search
HistoryNov 25, 2015 - 8:59 p.m.
CVE-2014-3665
jenkins
cve
2014
3665
remote code execution
nvd
4.9 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
89.0%
Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure trust separation between a master and slaves, which might allow remote attackers to execute arbitrary code on the master by leveraging access to the slave.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins:jenkins | jenkins | le | 1.586 |
| jenkins:jenkins | jenkins | le | 1.565.3 |
Related
openvas
openvas
Jenkins Remote Code Execution Vulnerability (Nov 2014) - Linux
2016-08-05 00:00:00
Jenkins Remote Code Execution Vulnerability (Nov 2014) - Windows
2015-12-15 00:00:00
cvelist
cvelist
CVE-2014-3665
2015-11-25 20:00:00
CVE-2015-5325
2015-11-25 20:00:00
prion
prion
Code injection
2015-11-25 20:59:00
Code injection
2015-11-25 20:59:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:56:01
osv
osv
Jenkins improperly ensures trust separation
2022-05-17 03:53:35
ubuntucve
ubuntucve
CVE-2014-3665
2015-11-25 00:00:00
CVE-2015-5325
2015-11-25 00:00:00
github
github
Jenkins improperly ensures trust separation
2022-05-17 03:53:35
nessus
nessus
cve
cve
CVE-2015-5325
2015-11-25 20:59:00
freebsd
freebsd
jenkins -- slave-originated arbitrary code execution on master servers
2014-10-30 00:00:00
archlinux
archlinux
jenkins: multiple issues
2015-11-18 00:00:00
4.9 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
89.0%
Related for CVE-2014-3665