NVD

Id
30562  
Name
CVE-2014-2068  
Description
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2014-10-17  
Modified Date
2016-06-13  
Seq
2014-2068  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
161506 30562 CVE-2014-2068 [oss-security] 20140220 Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)  View
161507 30562 CVE-2014-2068 https://github.com/jenkinsci/jenkins/commit/0530a6645aac10fec005614211660e98db44b5eb  View
161508 30562 CVE-2014-2068 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
16053 JVNDB-2014-004928 CloudBees Jenkins の hudson/util/RemotingDiagnostics.java の doIndex 関数における重要な情報を取得される脆弱性 CloudBees Jenkins の hudson/util/RemotingDiagnostics.java の doIndex 関数には、heapDump に関する処理に不備があるため、重要な情報を取得される脆弱性が存在します。 CVE-2014-2068 69355 CVE-2014-2068 30562 2.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004928.html 2014-02-08 2014-10-23 View