CVE-2018-1999004

Published: 23/07/2018 Updated: 13/06/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Vulnerability Summary

An improper authorization vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches.

Vulnerable Product

jenkins jenkins

oracle communications cloud native core automated test suite 1.9.0

Vendor Advisories

An improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches ...

The URL that initiates agent launches on the Jenkins master before 2.133 did not perform a permission check, allowing users with Overall/Read permission to initiate agent launches. Doing so canceled all ongoing launches for the specified agent, so this allowed attackers to prevent an agent from launching indefinitely ...

Github Repositories

SMRL_EclipsePlugin: This project contains all the XText-based plugins necessary to have an Editor for SMRL in Eclipse. Tested with Xtext 2.16 and 2.23. Folder SMRL_testWorkspace is not a source project; it is supposed to be used when testing the Eclipse plugin as workspace root. For more information: sntsvv.github.io/SMRL/ Installing a pre-compiled version of the SMRL Ecl