vulnerability
Jenkins Advisory 2019-07-17: CVE-2019-10354: Unauthorized view fragment access
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jul 17, 2019 | Jul 22, 2019 | Nov 27, 2024 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jul 17, 2019
Added
Jul 22, 2019
Modified
Nov 27, 2024
Description
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Solution(s)
jenkins-lts-upgrade-2_176_2jenkins-upgrade-2_186
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.