NVD

Id
36529  
Name
CVE-2013-0158  
Description
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2013-02-24  
Modified Date
2016-07-15  
Seq
2013-0158  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
186529 36529 CVE-2013-0158 RHSA-2013:0220  View
186530 36529 CVE-2013-0158 http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb  View
186531 36529 CVE-2013-0158 [oss-security] 20130107 Re: CVE Request: Jenkins possible remote code execution  View
186532 36529 CVE-2013-0158 https://bugzilla.redhat.com/show_bug.cgi?id=892795  View
186533 36529 CVE-2013-0158 https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04  View
186534 36529 CVE-2013-0158 https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5  View
186535 36529 CVE-2013-0158 https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602  View
186536 36529 CVE-2013-0158 https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd  View
186537 36529 CVE-2013-0158 https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2  View
186538 36529 CVE-2013-0158 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20119 JVNDB-2013-001694 CloudBees Jenkins におけるマスターの暗号鍵を取得される脆弱性 CloudBees Jenkins は、スレーブが取り付けられ、匿名読み取りアクセス (anonymous read access) が有効になっている場合、マスターの暗号鍵を取得される脆弱性が存在します。 CVE-2013-0158 60100 CVE-2013-0158 36529 2.6 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001694.html 2013-01-04 2013-02-27 View