NVD
- Id
- 28087
- Name
- CVE-2015-7539
- Description
- The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.
- Reject
- CVSS Version
- 2
- CVSS Score
- 7.6
- Severity
- High
- CVSS Base Score
- 7.6
- CVSS Impact Subscore
- 10
- CVSS Exploit Subscore
- 4.9
- CVSS Vector
- (AV:N/AC:H/Au:N/C:C/I:C/A:C)
- Pub Date
- 2017-01-19
- Published
- 2016-02-03
- Modified Date
- 2016-06-13
- Seq
- 2015-7539