← Zuruck zu CVEs
CVE-2015-5323
N/ABeschreibung
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht11/25/2015
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
jenkins:jenkinsredhat:openshift
Schwachen (CWE)
CWE-264
Referenzen
http://rhn.redhat.com/errata/RHSA-2016-0489.html(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:0070(secalert@redhat.com)
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-0489.html(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:0070(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.