4
CVSSv2

CVE-2021-21651

Published: 11/05/2021 Updated: 25/10/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

Jenkins S3 publisher Plugin 0.11.6 and previous versions does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain the list of configured profiles.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jenkins s3 publisher

Mailing Lists

Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software The following releases contain fixes for security vulnerabilities: * Credentials Plugin 2319 * Dashboard View Plugin 216 * P4 Plugin 1115 * S3 publisher Plugin 0117 * Xcode integration Plugin 2015 * Xr ...