Home

CVE-2015-5317

Description

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
27.392

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Jenkins 1.637Windows
Vulnerabilities CVE-2015-7536,CVE-2015-5317 are fixed in Jenkins-Core 1.625.2Windows
Vulnerabilities CVE-2015-5317 are fixed in Jenkins-Core 1.638Windows
Multiple vulnerabilities are fixed in Jenkins-Core 1.625.2Windows
Multiple vulnerabilities are fixed in Jenkins-Core 1.638Windows
Multiple vulnerabilities affected in Jenkins 1.637 (For Ubuntu)Linux
Multiple vulnerabilities affected in Jenkins 1.637 (For Debian)Linux
Multiple vulnerabilities affected in Jenkins 1.637 (For Centos)Linux
Multiple vulnerabilities affected in Jenkins 1.637 (For RedHat)Linux
Multiple vulnerabilities affected in Jenkins 1.637 (For Suse)Linux
Vulnerabilities CVE-2015-7536,CVE-2015-5317 are fixed in Jenkins-Core for Linux 1.625.2Linux
Vulnerabilities CVE-2015-5317 are fixed in Jenkins-Core for Linux 1.638Linux
Multiple vulnerabilities are fixed in Jenkins-Core for Linux 1.625.2Linux
Multiple vulnerabilities are fixed in Jenkins-Core for Linux 1.638Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234