Lucene search
GoogleOSV:CVE-2019-1003003HistoryJan 22, 2019 - 2:29 p.m.
CVE-2019-1003003
2019-01-2214:29:00
Google
osv.dev
7
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.
Related
cve
cve
CVE-2019-1003003
2019-01-22 14:29:00
veracode
veracode
Insecure Session Management
2019-05-16 03:24:10
cvelist
cvelist
CVE-2019-1003003
2019-01-22 14:00:00
osv
osv
Improper Authorization in Jenkins Core
2022-05-13 01:05:22
github
github
Improper Authorization in Jenkins Core
2022-05-13 01:05:22
redhatcve
redhatcve
CVE-2019-1003003
2020-04-09 10:33:33
nvd
nvd
CVE-2019-1003003
2019-01-22 14:29:00
prion
prion
Authorization
2019-01-22 14:29:00
nessus
nessus
Jenkins < 2.150.2 LTS / 2.160 Multiple Vulnerabilities
2019-01-23 00:00:00
openvas
openvas
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Linux
2019-01-23 00:00:00
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Windows
2019-01-23 00:00:00