CVE-2012-4438

Sažetak

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

Reference

http://www.openwall.com/lists/oss-security/2012/09/21/2
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4438
https://security-tracker.debian.org/tracker/CVE-2012-4438
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-11-2019 - 15:58

Objavljeno

18-11-2019 - 21:15