Lucene search
Redhat.comRH:CVE-2019-1003004HistoryApr 09, 2020 - 10:33 a.m.
CVE-2019-1003004
2020-04-0910:33:33
redhat.com
access.redhat.com
9
0.003 Low
EPSS
Percentile
66.2%
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
Related
nvd
nvd
CVE-2019-1003004
2019-01-22 14:29:00
CVE-2019-1003049
2019-04-10 21:29:01
osv
osv
Improper Authorization in Jenkins Core
2022-05-13 01:05:22
CVE-2019-1003004
2019-01-22 14:29:00
Insufficient Session Expiration in Jenkins
2022-05-13 01:01:01
cvelist
cvelist
CVE-2019-1003004
2019-01-22 14:00:00
CVE-2019-1003049
2019-04-10 20:12:29
cve
cve
CVE-2019-1003004
2019-01-22 14:29:00
CVE-2019-1003049
2019-04-10 21:29:01
github
github
Improper Authorization in Jenkins Core
2022-05-13 01:05:22
Insufficient Session Expiration in Jenkins
2022-05-13 01:01:01
veracode
veracode
Insecure Session Management
2019-05-16 03:24:12
prion
prion
Authorization
2019-01-22 14:29:00
Authentication flaw
2019-04-10 21:29:00
alpinelinux
alpinelinux
CVE-2019-1003049
2019-04-10 21:29:01
openvas
openvas
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Linux
2019-01-23 00:00:00
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Windows
2019-01-23 00:00:00
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux
2019-04-17 00:00:00
nessus
nessus
Jenkins < 2.150.2 LTS / 2.160 Multiple Vulnerabilities
2019-01-23 00:00:00
redhatcve
redhatcve
CVE-2019-1003049
2019-04-15 03:50:05