CVE-2015-1809
Description
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.132
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-1811,CVE-2015-1809 are fixed in Jenkins-Core 1.600 | Windows |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809 are fixed in Jenkins-Core 1.596.1 | Windows |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809,CVE-2015-1810,CVE-2015-1806,CVE-2015-1808 are fixed in Jenkins-Core 1.600 | Windows |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809,CVE-2015-1810,CVE-2015-1806,CVE-2015-1808 are fixed in Jenkins-Core 1.596.1 | Windows |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809 are fixed in Jenkins-Core for Linux 1.600 | Linux |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809 are fixed in Jenkins-Core for Linux 1.596.1 | Linux |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809,CVE-2015-1810,CVE-2015-1806,CVE-2015-1808 are fixed in Jenkins-Core for Linux 1.600 | Linux |
| Vulnerabilities CVE-2015-1811,CVE-2015-1809,CVE-2015-1810,CVE-2015-1806,CVE-2015-1808 are fixed in Jenkins-Core for Linux 1.596.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234