Lucene search

K
cvelistJenkinsCVELIST:CVE-2020-2103
HistoryJan 29, 2020 - 3:15 p.m.

CVE-2020-2103

2020-01-2915:15:29
jenkins
www.cve.org

5.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user’s detail object in the whoAmI diagnostic page.

CNA Affected

[
  {
    "product": "Jenkins",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "2.218",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "LTS 2.204.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

5.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%