Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2024/08/08 2:46 a.m.21 views

CVE-2024-43045

A flaw was found in Jenkins. A missing permission check in an HTTP endpoint allows attackers with Overall/Read permission to access other users' "My Views" or attackers with global View/Configure and View/Delete permissions to change other users' "My Views". Mitigation Mitigation for this issue i...

5.4CVSS6.2AI score0.04263EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2024/08/07 3:30 p.m.9 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1603 more potentially affected by CVE-2024-43045 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.452.3)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2024-43045 Source advisory: OSV:GHSA-8PV9-QH96-9HC6...

6.3CVSS6.7AI score0.04263EPSS
Exploits0
wolfi
wolfi
added 2024/08/07 2:15 p.m.127 views

CVE-2024-43045 vulnerabilities

Vulnerabilities for packages: jenkins...

6.3CVSS7.1AI score0.04263EPSS
Exploits0
nvd
nvd
added 2024/08/07 2:15 p.m.37 views

CVE-2024-43045

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

6.3CVSS0.04263EPSS
Exploits0References1
osv
osv
added 2024/08/07 2:15 p.m.27 views

CVE-2024-43045

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

6.3CVSS6.4AI score
Exploits0References1
cgr
cgr
added 2024/08/07 2:15 p.m.14 views

CVE-2024-43045 vulnerabilities

Vulnerabilities for packages: jenkins...

6.3CVSS6.9AI score0.04263EPSS
Exploits0
cve
cve
added 2024/08/07 1:27 p.m.307 views

CVE-2024-43045

Jenkins Core: CVE-2024-43045 affects Jenkins 2.470 and earlier (including LTS 2.452.3 and earlier). It does not perform a permission check on a specific HTTP endpoint, allowing users with Overall/Read (and with some broader permissions) to access other users’ My Views, and potentially to alter th...

6.3CVSS6.9AI score0.04263EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2024/08/07 12:0 a.m.45 views

Jenkins LTS < 2.452.4 / Jenkins weekly < 2.471 Multiple Vulnerabilities

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.452.4 or Jenkins weekly prior to 2.471. It is, therefore, affected by multiple vulnerabilities: - Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent...

8.8CVSS6.9AI score0.28782EPSS
Exploits4References3
freebsd
freebsd
added 2024/08/07 12:0 a.m.37 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Critical SECURITY-3430 / CVE-2024-43044 Arbitrary file read vulnerability through agent connections can lead to RCE Description Medium SECURITY-3349 / CVE-2024-43045 Missing permission check allows accessing other users' "My Views"...

8.8CVSS6.7AI score0.28782EPSS
Exploits4References1
Rows per page
Query Builder