vulnerability
Jenkins Advisory 2017-02-01: CVE-2017-2609: Information disclosure vulnerability in search suggestions
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | 2017-11-13 | 2017-11-13 | 2024-11-27 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
2017-11-13
Added
2017-11-13
Modified
2024-11-27
Description
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to.
Solution(s)
jenkins-lts-upgrade-2_32_2jenkins-upgrade-2_44

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.