CVE-2020-2103

🗓️ 29 Jan 2020 16:12:15Reported by [email protected]Type

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
OSV	Jenkins Diagnostic page exposed session cookies	24 May 202217:07	–	osv
OSV	CVE-2020-2103	29 Jan 202016:15	–	osv
OSV	BIT-jenkins-2020-2103	6 Mar 202411:06	–	osv
OSV	RHBA-2020:0675 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update	16 Sep 202403:28	–	osv
OSV	RHBA-2020:0402 Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update	16 Sep 202403:28	–	osv
Prion	Code injection	29 Jan 202016:15	–	prion
Github Security Blog	Jenkins Diagnostic page exposed session cookies	24 May 202217:07	–	github
Cvelist	CVE-2020-2103	29 Jan 202015:15	–	cvelist
CVE	CVE-2020-2103	29 Jan 202016:15	–	cve
RedhatCVE	CVE-2020-2103	31 Jan 202020:09	–	redhatcve

Nvd

Node

jenkins jenkinsRange≤2.204.1lts

jenkins jenkinsRange≤2.218-

Source	Link
access	www.access.redhat.com/errata/RHBA-2020:0675
access	www.access.redhat.com/errata/RHBA-2020:0402
access	www.access.redhat.com/errata/RHSA-2020:0681
jenkins	www.jenkins.io/security/advisory/2020-01-29/
openwall	www.openwall.com/lists/oss-security/2020/01/29/1
access	www.access.redhat.com/errata/RHSA-2020:0683

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Jan 2020 16:15Current

5.4Medium risk

Vulners AI Score5.4

CVSS24

CVSS35.4

EPSS0.42161

CWE-200