6.5
CVE-2019-10375
- EPSS 0.27%
- Veröffentlicht 07.08.2019 15:15:12
- Zuletzt bearbeitet 21.11.2024 04:18:59
- Quelle jenkinsci-cert@googlegroups.co
- CVE-Watchlists
- Unerledigt
LoginAn arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jenkins ≫ File System Scm SwPlatformjenkins Version <= 2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.474 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|