vulnerability
Jenkins Advisory 2019-07-17: CVE-2019-10354: Unauthorized view fragment access
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jul 17, 2019 | Jul 22, 2019 | Mar 27, 2026 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jul 17, 2019
Added
Jul 22, 2019
Modified
Mar 27, 2026
Description
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Solutions
jenkins-lts-upgrade-2_176_2jenkins-upgrade-2_186
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.