Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Linux)

2018-08-27T00:00:00

Description

This host is installed with Jenkins and is prone to multiple vulnerabilities.

{"id": "OPENVAS:1361412562310112359", "type": "openvas", "bulletinFamily": "scanner", "title": "Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Linux)", "description": "This host is installed with Jenkins and is prone to multiple vulnerabilities.", "published": "2018-08-27T00:00:00", "modified": "2019-07-30T00:00:00", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112359", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://jenkins.io/security/advisory/2018-08-15/"], "cvelist": ["CVE-2018-1999045", "CVE-2018-1999046", "CVE-2018-1999044", "CVE-2018-1999047", "CVE-2018-1999042", "CVE-2018-1999043"], "lastseen": "2019-07-30T13:53:41", "viewCount": 34, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-1999042", "CVE-2018-1999043", "CVE-2018-1999044", "CVE-2018-1999045", "CVE-2018-1999046", "CVE-2018-1999047"]}, {"type": "nessus", "idList": ["JENKINS_2_138.NASL", "JENKINS_2_146.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108509", "OPENVAS:1361412562310108510", "OPENVAS:1361412562310112360"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1999042", "RH:CVE-2018-1999043", "RH:CVE-2018-1999044", "RH:CVE-2018-1999045", "RH:CVE-2018-1999046", "RH:CVE-2018-1999047"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1999042", "UB:CVE-2018-1999043", "UB:CVE-2018-1999044", "UB:CVE-2018-1999045", "UB:CVE-2018-1999046", "UB:CVE-2018-1999047"]}], "rev": 4}, "score": {"value": 6.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-1999042", "CVE-2018-1999043", "CVE-2018-1999044", "CVE-2018-1999045", "CVE-2018-1999046", "CVE-2018-1999047"]}, {"type": "nessus", "idList": ["JENKINS_2_138.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310112360"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1999042", "RH:CVE-2018-1999043", "RH:CVE-2018-1999044", "RH:CVE-2018-1999045", "RH:CVE-2018-1999046", "RH:CVE-2018-1999047"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1999042", "UB:CVE-2018-1999043", "UB:CVE-2018-1999044", "UB:CVE-2018-1999045", "UB:CVE-2018-1999046", "UB:CVE-2018-1999047"]}]}, "exploitation": null, "vulnersScore": 6.0}, "pluginID": "1361412562310112359", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Linux)\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112359\");\n script_version(\"2019-07-30T03:00:13+0000\");\n script_cve_id(\"CVE-2018-1999042\", \"CVE-2018-1999043\", \"CVE-2018-1999044\", \"CVE-2018-1999045\",\n \"CVE-2018-1999046\", \"CVE-2018-1999047\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-30 03:00:13 +0000 (Tue, 30 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-27 10:30:00 +0200 (Mon, 27 Aug 2018)\");\n\n script_name(\"Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2018-08-15/\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jenkins is prone to the following vulnerabilities:\n\n - Jenkins allowed deserialization of URL objects via Remoting (agent communication) and XStream (CVE-2018-1999042).\n\n - Ephemeral user record was created on some invalid authentication attempts (CVE-2018-1999043).\n\n - Cron expression form validation could enter infinite loop, potentially resulting in denial of service (CVE-2018-1999044).\n\n - 'Remember me' cookie was evaluated even if that feature is disabled (CVE-2018-1999045).\n\n - Unauthorized users could access agent logs (CVE-2018-1999046).\n\n - Unauthorized users could cancel scheduled restarts initiated from the update center (CVE-2018-1999047).\");\n\n script_tag(name:\"affected\", value:\"Jenkins LTS up to and including 2.121.2, Jenkins weekly up to and including 2.137.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Jenkins weekly to 2.138 or later / Jenkins LTS to 2.121.3 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif( !port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif(!infos = get_app_full(cpe:CPE, port:port))\n exit(0);\n\nif (!version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if ( version_is_less( version:version, test_version:\"2.121.3\" ) ) {\n vuln = TRUE;\n fix = \"2.121.3\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"2.138\" ) ) {\n vuln = TRUE;\n fix = \"2.138\";\n }\n}\n\nif( vuln ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}

{"openvas": [{"lastseen": "2019-07-30T13:53:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1999045", "CVE-2018-1999046", "CVE-2018-1999044", "CVE-2018-1999047", "CVE-2018-1999042", "CVE-2018-1999043"], "description": "This host is installed with Jenkins and is prone to multiple vulnerabilities.", "modified": "2019-07-30T00:00:00", "published": "2018-08-27T00:00:00", "id": "OPENVAS:1361412562310112360", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112360", "type": "openvas", "title": "Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Windows)\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112360\");\n script_version(\"2019-07-30T03:00:13+0000\");\n script_cve_id(\"CVE-2018-1999042\", \"CVE-2018-1999043\", \"CVE-2018-1999044\", \"CVE-2018-1999045\",\n \"CVE-2018-1999046\", \"CVE-2018-1999047\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-30 03:00:13 +0000 (Tue, 30 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-27 10:30:00 +0200 (Mon, 27 Aug 2018)\");\n\n script_name(\"Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2018-08-15/\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jenkins is prone to the following vulnerabilities:\n\n - Jenkins allowed deserialization of URL objects via Remoting (agent communication) and XStream (CVE-2018-1999042).\n\n - Ephemeral user record was created on some invalid authentication attempts (CVE-2018-1999043).\n\n - Cron expression form validation could enter infinite loop, potentially resulting in denial of service (CVE-2018-1999044).\n\n - 'Remember me' cookie was evaluated even if that feature is disabled (CVE-2018-1999045).\n\n - Unauthorized users could access agent logs (CVE-2018-1999046).\n\n - Unauthorized users could cancel scheduled restarts initiated from the update center (CVE-2018-1999047).\");\n\n script_tag(name:\"affected\", value:\"Jenkins LTS up to and including 2.121.2, Jenkins weekly up to and including 2.137.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Jenkins weekly to 2.138 or later / Jenkins LTS to 2.121.3 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif( !port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif(!infos = get_app_full(cpe:CPE, port:port))\n exit(0);\n\nif (!version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if ( version_is_less( version:version, test_version:\"2.121.3\" ) ) {\n vuln = TRUE;\n fix = \"2.121.3\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"2.138\" ) ) {\n vuln = TRUE;\n fix = \"2.138\";\n }\n}\n\nif( vuln ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-07-30T13:53:42", "description": "This host is installed with Jenkins and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-11T00:00:00", "type": "openvas", "title": "Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000997", "CVE-2018-1000408", "CVE-2018-1000410", "CVE-2018-1000409", "CVE-2018-1000406", "CVE-2018-1000407", "CVE-2018-1999043"], "modified": "2019-07-30T00:00:00", "id": "OPENVAS:1361412562310108510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108510", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Windows)\n#\n# Authors:\n# Christian Fischer <christian.fischer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108510\");\n script_version(\"2019-07-30T03:00:13+0000\");\n script_cve_id(\"CVE-2018-1999043\", \"CVE-2018-1000406\", \"CVE-2018-1000407\",\n \"CVE-2018-1000408\", \"CVE-2018-1000409\", \"CVE-2018-1000410\", \"CVE-2018-1000997\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-30 03:00:13 +0000 (Tue, 30 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-11 14:42:36 +0100 (Tue, 11 Dec 2018)\");\n\n script_name(\"Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2018-10-10/\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jenkins is prone to the following vulnerabilities:\n\n - Path traversal vulnerability in Stapler allowed accessing internal data (CVE-2018-1000997).\n\n - Arbitrary file write vulnerability using file parameter definitions (CVE-2018-1000406).\n\n - Reflected XSS vulnerability (CVE-2018-1000407).\n\n - Ephemeral user record was created on some invalid authentication attempts (CVE-2018-1999043).\n\n - Ephemeral user record creation (CVE-2018-1000408).\n\n - Session fixation vulnerability on user signup (CVE-2018-1000409).\n\n - Failures to process form submission data could result in secrets being displayed or written to logs (CVE-2018-1000410).\");\n\n script_tag(name:\"affected\", value:\"Jenkins LTS up to and including 2.138.1, Jenkins weekly up to and including 2.145.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Jenkins weekly to 2.146 or later / Jenkins LTS to 2.138.2 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif( !port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif(!infos = get_app_full(cpe:CPE, port:port))\n exit(0);\n\nif (!version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if ( version_is_less( version:version, test_version:\"2.138.2\" ) ) {\n fix = \"2.138.2\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"2.146\" ) ) {\n fix = \"2.146\";\n }\n}\n\nif( fix ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-07-30T13:53:41", "description": "This host is installed with Jenkins and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-11T00:00:00", "type": "openvas", "title": "Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000997", "CVE-2018-1000408", "CVE-2018-1000410", "CVE-2018-1000409", "CVE-2018-1000406", "CVE-2018-1000407", "CVE-2018-1999043"], "modified": "2019-07-30T00:00:00", "id": "OPENVAS:1361412562310108509", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108509", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Linux)\n#\n# Authors:\n# Christian Fischer <christian.fischer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108509\");\n script_version(\"2019-07-30T03:00:13+0000\");\n script_cve_id(\"CVE-2018-1999043\", \"CVE-2018-1000406\", \"CVE-2018-1000407\",\n \"CVE-2018-1000408\", \"CVE-2018-1000409\", \"CVE-2018-1000410\", \"CVE-2018-1000997\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-30 03:00:13 +0000 (Tue, 30 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-11 14:42:36 +0100 (Tue, 11 Dec 2018)\");\n\n script_name(\"Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2018-10-10/\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jenkins is prone to the following vulnerabilities:\n\n - Path traversal vulnerability in Stapler allowed accessing internal data (CVE-2018-1000997).\n\n - Arbitrary file write vulnerability using file parameter definitions (CVE-2018-1000406).\n\n - Reflected XSS vulnerability (CVE-2018-1000407).\n\n - Ephemeral user record was created on some invalid authentication attempts (CVE-2018-1999043).\n\n - Ephemeral user record creation (CVE-2018-1000408).\n\n - Session fixation vulnerability on user signup (CVE-2018-1000409).\n\n - Failures to process form submission data could result in secrets being displayed or written to logs (CVE-2018-1000410).\");\n\n script_tag(name:\"affected\", value:\"Jenkins LTS up to and including 2.138.1, Jenkins weekly up to and including 2.145.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Jenkins weekly to 2.146 or later / Jenkins LTS to 2.138.2 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif( !port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif(!infos = get_app_full(cpe:CPE, port:port))\n exit(0);\n\nif (!version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if ( version_is_less( version:version, test_version:\"2.138.2\" ) ) {\n fix = \"2.138.2\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"2.146\" ) ) {\n fix = \"2.146\";\n }\n}\n\nif( fix ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "nessus": [{"lastseen": "2022-05-10T16:59:50", "description": "The version of Jenkins running on the remote web server is prior to 2.138 or is a version of Jenkins LTS prior to 2.121.3. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.4, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1999042", "CVE-2018-1999043", "CVE-2018-1999044", "CVE-2018-1999045", "CVE-2018-1999046", "CVE-2018-1999047"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:cloudbees:jenkins"], "id": "JENKINS_2_138.NASL", "href": "https://www.tenable.com/plugins/nessus/117337", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117337);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-1999042\",\n \"CVE-2018-1999043\",\n \"CVE-2018-1999044\",\n \"CVE-2018-1999045\",\n \"CVE-2018-1999046\",\n \"CVE-2018-1999047\"\n );\n\n script_name(english:\"Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A job scheduling and management system hosted on the remote web server\nis affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Jenkins running on the remote web server is prior to\n2.138 or is a version of Jenkins LTS prior to 2.121.3. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jenkins.io/security/advisory/2018-08-15/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Jenkins to version 2.138 or later, Jenkins LTS to version\n2.121.3 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1999045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cloudbees:jenkins\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jenkins_detect.nasl\", \"jenkins_win_installed.nbin\", \"jenkins_nix_installed.nbin\", \"macosx_jenkins_installed.nbin\");\n script_require_keys(\"installed_sw/Jenkins\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'Jenkins');\n\nvar constraints = [\n { 'fixed_version' : '2.138', 'fixed_display' : '2.121.3 LTS / 2.138', 'edition' : 'Open Source' },\n { 'fixed_version' : '2.121.3', 'fixed_display' : '2.121.3 LTS / 2.138', 'edition' : 'Open Source LTS' }\n];\n\nvcf::jenkins::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-04-12T17:01:22", "description": "The version of Jenkins running on the remote web server is prior to 2.146 or is a version of Jenkins LTS prior to 2.138.2. It is, therefore, affected by multiple vulnerabilities:\n - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session (CVE-2018-1000407).\n\n - A denial of service (DoS) vulnerability exists in the HudsonPrivateSecurityRealm class of Jenkins. An unauthenticated, remote attacker can exploit this issue, by sending crafted, repeated HTTP requests to particular URLs, to cause the application to stop responding (CVE-2018-1000408).\n\n - A directory traversal vulnerability exists in the version of the Stapler Web Framework, which is bundled with Jenkins. An authenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server's restricted path (CVE-2018-1000997).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2018-10-16T00:00:00", "type": "nessus", "title": "Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000406", "CVE-2018-1000407", "CVE-2018-1000408", "CVE-2018-1000409", "CVE-2018-1000410", "CVE-2018-1000997", "CVE-2018-1999043"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:cloudbees:jenkins", "cpe:/a:jenkins:jenkins"], "id": "JENKINS_2_146.NASL", "href": "https://www.tenable.com/plugins/nessus/118147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118147);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-1000406\",\n \"CVE-2018-1000407\",\n \"CVE-2018-1000408\",\n \"CVE-2018-1000409\",\n \"CVE-2018-1000410\",\n \"CVE-2018-1000997\",\n \"CVE-2018-1999043\"\n );\n script_bugtraq_id(106532);\n script_xref(name:\"TRA\", value:\"TRA-2018-29\");\n\n script_name(english:\"Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A job scheduling and management system hosted on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Jenkins running on the remote web server is prior to 2.146 or is a version of Jenkins LTS prior to \n2.138.2. It is, therefore, affected by multiple vulnerabilities:\n - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input before \n returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a \n specially crafted URL, to execute arbitrary script code in a user's browser session (CVE-2018-1000407).\n\n - A denial of service (DoS) vulnerability exists in the HudsonPrivateSecurityRealm class of Jenkins. An \n unauthenticated, remote attacker can exploit this issue, by sending crafted, repeated HTTP requests to particular \n URLs, to cause the application to stop responding (CVE-2018-1000408).\n\n - A directory traversal vulnerability exists in the version of the Stapler Web Framework, which is bundled with \n Jenkins. An authenticated, remote attacker can exploit this, by sending a URI that contains directory traversal \n characters, to disclose the contents of files located outside of the server's restricted path (CVE-2018-1000997).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jenkins.io/security/advisory/2018-10-10/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2018-29\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Jenkins to version 2.146 or later, Jenkins LTS to version \n2.138.2 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000408\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cloudbees:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jenkins:jenkins\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jenkins_detect.nasl\", \"jenkins_win_installed.nbin\", \"jenkins_nix_installed.nbin\", \"macosx_jenkins_installed.nbin\");\n script_require_keys(\"installed_sw/Jenkins\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'Jenkins');\n\nvar constraints = [\n { 'fixed_version' : '2.146', 'edition' : 'Open Source' },\n { 'fixed_version' : '2.138.2', 'edition' : 'Open Source LTS' }\n];\n\nvcf::jenkins::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T15:33:28", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999044", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999044"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:jenkins:jenkins:2.121.2", "cpe:/a:jenkins:jenkins:2.137"], "id": "CVE-2018-1999044", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999044", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T15:33:30", "description": "A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.5}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999045", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999045"], "modified": "2019-05-08T22:23:00", "cpe": ["cpe:/a:jenkins:jenkins:2.121.2", "cpe:/a:jenkins:jenkins:2.137"], "id": "CVE-2018-1999045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999045", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T15:33:27", "description": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999042", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999042"], "modified": "2019-05-08T22:22:00", "cpe": ["cpe:/a:jenkins:jenkins:2.121.2", "cpe:/a:jenkins:jenkins:2.137"], "id": "CVE-2018-1999042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999042", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T15:33:31", "description": "A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999047", "cwe": ["CWE-863"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999047"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:jenkins:jenkins:2.121.2", "cpe:/a:jenkins:jenkins:2.137"], "id": "CVE-2018-1999047", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999047", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T15:33:29", "description": "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999046", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999046"], "modified": "2019-05-08T22:23:00", "cpe": ["cpe:/a:jenkins:jenkins:2.137", "cpe:/a:jenkins:jenkins:2.121.2"], "id": "CVE-2018-1999046", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999046", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T15:33:24", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T18:29:00", "type": "cve", "title": "CVE-2018-1999043", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999043"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:jenkins:jenkins:2.137", "cpe:/a:jenkins:jenkins:2.121.2"], "id": "CVE-2018-1999043", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1999043", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:2.137:*:*:*:-:*:*:*", "cpe:2.3:a:jenkins:jenkins:2.121.2:*:*:*:lts:*:*:*"]}], "redhatcve": [{"lastseen": "2022-06-08T08:15:56", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T04:51:55", "type": "redhatcve", "title": "CVE-2018-1999044", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999044"], "modified": "2022-06-08T05:29:11", "id": "RH:CVE-2018-1999044", "href": "https://access.redhat.com/security/cve/cve-2018-1999044", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2022-06-08T08:15:56", "description": "A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.5}, "published": "2018-08-23T04:51:39", "type": "redhatcve", "title": "CVE-2018-1999045", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999045"], "modified": "2022-06-08T05:29:12", "id": "RH:CVE-2018-1999045", "href": "https://access.redhat.com/security/cve/cve-2018-1999045", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-06-08T08:15:56", "description": "A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T04:51:07", "type": "redhatcve", "title": "CVE-2018-1999047", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999047"], "modified": "2022-06-08T05:29:17", "id": "RH:CVE-2018-1999047", "href": "https://access.redhat.com/security/cve/cve-2018-1999047", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2022-06-08T08:15:56", "description": "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-08-23T04:51:23", "type": "redhatcve", "title": "CVE-2018-1999046", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999046"], "modified": "2022-06-08T05:29:24", "id": "RH:CVE-2018-1999046", "href": "https://access.redhat.com/security/cve/cve-2018-1999046", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-06-08T08:15:56", "description": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-08-23T04:50:52", "type": "redhatcve", "title": "CVE-2018-1999042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999042"], "modified": "2022-06-08T05:29:17", "id": "RH:CVE-2018-1999042", "href": "https://access.redhat.com/security/cve/cve-2018-1999042", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-08T08:15:57", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-23T04:50:21", "type": "redhatcve", "title": "CVE-2018-1999043", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999043"], "modified": "2022-06-08T05:29:09", "id": "RH:CVE-2018-1999043", "href": "https://access.redhat.com/security/cve/cve-2018-1999043", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:35:03", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier,\n2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read\npermission to have a request handling thread enter an infinite loop.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999044", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999044"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999044", "href": "https://ubuntu.com/security/CVE-2018-1999044", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:35:03", "description": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in\nXStream2.java that allows attackers to have Jenkins resolve a domain name\nwhen deserializing an instance of java.net.URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999042"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999042", "href": "https://ubuntu.com/security/CVE-2018-1999042", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:35:04", "description": "A improper authorization vulnerability exists in Jenkins 2.137 and earlier,\n2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a\nJenkins restart scheduled through the update center.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999047", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999047"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999047", "href": "https://ubuntu.com/security/CVE-2018-1999047", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:35:03", "description": "A improper authentication vulnerability exists in Jenkins 2.137 and\nearlier, 2.121.2 and earlier in SecurityRealm.java,\nTokenBasedRememberMeServices2.java that allows attackers with a valid\ncookie to remain logged in even if that feature is disabled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.4, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 2.5}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999045", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999045"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999045", "href": "https://ubuntu.com/security/CVE-2018-1999045", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-11-22T21:35:04", "description": "A exposure of sensitive information vulnerability exists in Jenkins 2.137\nand earlier, 2.121.2 and earlier in Computer.java that allows attackers\nWith Overall/Read permission to access the connection log for any agent.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999046", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999046"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999046", "href": "https://ubuntu.com/security/CVE-2018-1999046", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:35:03", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier,\n2.121.2 and earlier in BasicAuthenticationFilter.java,\nBasicHeaderApiTokenAuthenticator.java that allows attackers to create\nephemeral in-memory user records by attempting to log in using invalid\ncredentials.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1999043", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999043"], "modified": "2018-08-23T00:00:00", "id": "UB:CVE-2018-1999043", "href": "https://ubuntu.com/security/CVE-2018-1999043", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "github": [{"lastseen": "2022-06-29T19:31:58", "description": "A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-13T01:50:56", "type": "github", "title": "Incorrect Authorization in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999047"], "modified": "2022-06-29T19:09:10", "id": "GHSA-R2JF-RC5V-VMPV", "href": "https://github.com/advisories/GHSA-r2jf-rc5v-vmpv", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2022-06-29T01:58:45", "description": "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-14T01:04:56", "type": "github", "title": "Exposure of Sensitive Information to an Unauthorized Actor in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999046"], "modified": "2022-06-28T23:44:10", "id": "GHSA-667Q-VJ58-RJ88", "href": "https://github.com/advisories/GHSA-667q-vj58-rj88", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-06-29T01:58:45", "description": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-14T01:04:56", "type": "github", "title": "Deserialization of Untrusted Data in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999042"], "modified": "2022-06-28T23:42:37", "id": "GHSA-28P3-MCHR-9FRJ", "href": "https://github.com/advisories/GHSA-28p3-mchr-9frj", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-29T01:58:45", "description": "A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.5}, "published": "2022-05-14T01:04:56", "type": "github", "title": "Improper Authentication in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999045"], "modified": "2022-06-28T23:43:54", "id": "GHSA-Q4CQ-R7HG-PXQQ", "href": "https://github.com/advisories/GHSA-q4cq-r7hg-pxqq", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-06-29T01:58:45", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-13T01:50:55", "type": "github", "title": "Missing Release of Resource after Effective Lifetime in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999043"], "modified": "2022-06-28T23:43:05", "id": "GHSA-2632-H32J-6RG9", "href": "https://github.com/advisories/GHSA-2632-h32j-6rg9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-06-29T01:58:12", "description": "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-14T01:04:56", "type": "osv", "title": "Exposure of Sensitive Information to an Unauthorized Actor in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999046"], "modified": "2022-06-29T00:11:13", "id": "OSV:GHSA-667Q-VJ58-RJ88", "href": "https://osv.dev/vulnerability/GHSA-667q-vj58-rj88", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-06-29T01:58:13", "description": "A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.5}, "published": "2022-05-14T01:04:56", "type": "osv", "title": "Improper Authentication in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999045"], "modified": "2022-06-29T00:10:49", "id": "OSV:GHSA-Q4CQ-R7HG-PXQQ", "href": "https://osv.dev/vulnerability/GHSA-q4cq-r7hg-pxqq", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-06-29T01:58:26", "description": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-14T01:04:56", "type": "osv", "title": "Deserialization of Untrusted Data in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999042"], "modified": "2022-06-29T00:11:19", "id": "OSV:GHSA-28P3-MCHR-9FRJ", "href": "https://osv.dev/vulnerability/GHSA-28p3-mchr-9frj", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-29T22:58:11", "description": "A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-13T01:50:56", "type": "osv", "title": "Incorrect Authorization in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999047"], "modified": "2022-06-29T19:32:19", "id": "OSV:GHSA-R2JF-RC5V-VMPV", "href": "https://osv.dev/vulnerability/GHSA-r2jf-rc5v-vmpv", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2022-06-29T01:58:37", "description": "A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-13T01:50:55", "type": "osv", "title": "Missing Release of Resource after Effective Lifetime in Jenkins", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1999043"], "modified": "2022-06-29T00:11:22", "id": "OSV:GHSA-2632-H32J-6RG9", "href": "https://osv.dev/vulnerability/GHSA-2632-h32j-6rg9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}

Jenkins &lt; 2.138 and &lt; 2.121.3 LTS Multiple Vulnerabilities (Linux)

Description

Related

Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities (Linux)