vulnerability

Red Hat OpenShift: CVE-2019-10353: jenkins: CSRF protection tokens did not expire (SECURITY-626)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:N/C:P/I:P/A:P)	Jul 17, 2019	Aug 16, 2019	Aug 11, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Published

Jul 17, 2019

Added

Aug 16, 2019

Modified

Aug 11, 2025

Description

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.

Solution

linuxrpm-upgrade-jenkins

References

CVE-2019-10353
https://attackerkb.com/topics/CVE-2019-10353
CWE-352
REDHAT-RHSA-2019:2503
REDHAT-RHSA-2019:2548

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today