Jenkins » Jenkins : Security Vulnerabilities, CVEs, Published In 2019 (Denial of service) CVSS score >= 5

CVE-2018-1000408

Public exploit
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances using the built-in Jenkins user database security realm that results in the creation of an ephemeral user record in memory.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-01-09
Updated
2019-10-03
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close