Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-21688

A security issue has been found in Jenkins before version 2.319. FilePath#reading(FileVisitor) does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, #copyRecursiveTo). This allows agent processes to read and write arbitrary files on the Jenkins controller file system, and obtain some information about Jenkins controller file systems.

Source

Severity Critical

Remote Yes

Type Arbitrary filesystem access

Description

A security issue has been found in Jenkins before version 2.319. FilePath#reading(FileVisitor) does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, #copyRecursiveTo). This allows agent processes to read and write arbitrary files on the Jenkins controller file system, and obtain some information about Jenkins controller file systems.

AVG-2526 jenkins 2.318-1 Critical Vulnerable

https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect