Server side request forgery (ssrf)

2018-08-0113:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

21.6%

JSON

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host.

CPENameOperatorVersion
tracetronic_ecu-testle2.3

CPE	Name	Operator	Version
	tracetronic_ecu-test	le	2.3

References

www.securityfocus.com/bid/104960

jenkins.io/security/advisory/2018-07-30/

0.001 Low

EPSS

Percentile

21.6%

JSON

Related for PRION:CVE-2018-1999026