Redhat Openshift : Security vulnerabilities, CVEs Information leak published in May 2016

Copy

CVE-2016-3727

The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.

Max CVSS

4.3

EPSS Score

0.15%

Published

2016-05-17

Updated

2018-01-05

CVE-2016-3724

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.

Max CVSS

6.5

EPSS Score

0.15%

Published

2016-05-17

Updated

2018-01-05

CVE-2016-3723

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.

Max CVSS

4.3

EPSS Score

0.15%

Published

2016-05-17

Updated

2018-01-05

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!