NVD

Id
30552  
Name
CVE-2014-2058  
Description
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-10-17  
Modified Date
2016-06-13  
Seq
2014-2058  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
161475 30552 CVE-2014-2058 [oss-security] 20140220 Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)  View
161476 30552 CVE-2014-2058 https://github.com/jenkinsci/jenkins/commit/b6b2a367a7976be80a799c6a49fa6c58d778b50e  View
161477 30552 CVE-2014-2058 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
16045 JVNDB-2014-004920 CloudBees Jenkins の BuildTrigger におけるアクセス制限を回避される脆弱性 CloudBees Jenkins の BuildTrigger には、アクセス制限を回避され、任意のジョブを実行される脆弱性が存在します。 CVE-2014-2058 69345 CVE-2014-2058 30552 6.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004920.html 2014-02-11 2014-10-23 View