Lucene search
+L

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.5 views

SUSE CVE-2014-2064

The loadUserByUsername function in hudson/security/HudsonPrivateSecurityRealm.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to determine whether a user exists via vectors related to failed login attempts...

5CVSS6.5AI score0.02952EPSS
Exploits0References3
OSV
OSV
added 2022/05/17 3:53 a.m.6 views

GHSA-37WM-28RM-56VW Jenkins does not Restrict Reserved Names Allowing for Privilege Escalation

The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name...

6.1CVSS7.2AI score0.01569EPSS
Exploits0References6
CNVD
CNVD
added 2015/10/22 12:0 a.m.4 views

CloudBees Jenkins CI and LTS Create Reserved Names Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A security vulnerability exists in the HudsonPrivateSecurityRealm class in CloudBees Jenkins CI...

4.6CVSS7.2AI score0.01569EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/09/30 4:35 p.m.5 views

jenkins: HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)

It was discovered that the internal Jenkins user database did not restrict access to reserved names, allowing users to escalate privileges...

4.6CVSS7.3AI score0.01569EPSS
Exploits0References5
Rows per page
Query Builder