vulnerability

Red Hat OpenShift: CVE-2019-10354: jenkins: Unauthorized view fragment access (SECURITY-534)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Jul 17, 2019	Aug 16, 2019	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Jul 17, 2019

Added

Aug 16, 2019

Modified

Mar 30, 2026

Description

A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.

Solution

linuxrpm-upgrade-jenkins

References

CVE-2019-10354
https://attackerkb.com/topics/CVE-2019-10354
CWE-862
EUVD-EUVD-2022-2814
REDHAT-RHSA-2019:2503
REDHAT-RHSA-2019:2548
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-2814

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report