Lucene search
Ubuntu.comUB:CVE-2014-3667HistoryOct 16, 2014 - 12:00 a.m.
CVE-2014-3667
2014-10-1600:00:00
ubuntu.com
ubuntu.com
8
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
46.3%
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent
downloading of plugins, which allows remote authenticated users with the
Overall/READ permission to obtain sensitive information by reading the
plugin code.
Related
veracode
veracode
Information Disclosure
2019-05-02 04:56:01
Man-In-The-Middle (MitM)
2019-05-02 05:21:35
Path Traversal
2019-05-02 05:21:26
cvelist
cvelist
CVE-2014-3667
2014-10-16 19:00:00
cve
cve
CVE-2014-3667
2014-10-16 19:55:08
nvd
nvd
CVE-2014-3667
2014-10-16 19:55:08
prion
prion
Code injection
2014-10-16 19:55:00
openvas
openvas
Jenkins Multiple Vulnerabilities (Oct 2014) - Windows
2015-12-21 00:00:00
Jenkins Multiple Vulnerabilities (Oct 2014) - Linux
2016-08-05 00:00:00
archlinux
archlinux
jenkins: multiple issues
2014-10-02 00:00:00
nessus
nessus
Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities
2014-11-04 00:00:00
FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)
2014-10-02 00:00:00
RHEL 7 : openshift (RHSA-2016:0070)
2018-12-06 00:00:00
freebsd
freebsd
redhat
redhat
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
46.3%
Related for UB:CVE-2014-3667