Lucene search
JenkinsCVE-2024-28159HistoryMar 06, 2024 - 5:15 p.m.
CVE-2024-28159
2024-03-0617:15:10
CWE-862
jenkins
web.nvd.nist.gov
48
cve-2024-28159
jenkins
subversion
release manager plugin
authorization
build triggering
security vulnerability
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0
Percentile
9.0%
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build.
CNA Affected
[
{
"vendor": "Jenkins Project",
"product": "Jenkins Subversion Partial Release Manager Plugin",
"versions": [
{
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "1.0.1",
"status": "affected"
}
],
"defaultStatus": "unknown"
}
]Related
osv
osv
Jenkins Subversion Partial Release Manager Plugin missing permission check
2024-03-06 18:30:39
cvelist
cvelist
CVE-2024-28159
2024-03-06 17:02:00
github
github
Jenkins Subversion Partial Release Manager Plugin missing permission check
2024-03-06 18:30:39
prion
prion
Information disclosure
2024-03-06 17:15:00
vulnrichment
vulnrichment
CVE-2024-28159
2024-03-06 17:02:00
nvd
nvd
CVE-2024-28159
2024-03-06 17:15:10
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-03-06)
2024-03-07 00:00:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-28159