Download
| Alert*
oval:org.secpod.oval:def:1801456
CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication¶ Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CV ... oval:org.secpod.oval:def:55922 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ... oval:org.secpod.oval:def:56001 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLI authentication. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:55918 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ... oval:org.secpod.oval:def:55640 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLI authentication. Successful exploitation could allow attackers to ... |