Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and previous versions and Jenkins LTS 2.164.1 and previous versions, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |
||
redhat openshift container platform 3.11 |
||
oracle communications cloud native core automated test suite 1.9.0 |