admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-103xx/CVE-2019-10351.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

161 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-10351",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2019-07-11T14:15:11.100",
"lastModified": "2024-11-21T04:18:56.913",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system."
},
{
"lang": "es",
"value": "El Plugin Caliper CI de Jenkins, almacena las credenciales no cifradas en los archivos de trabajo config.xml en el maestro de Jenkins, donde pueden ser visualizadas por los usuarios con permiso de Lectura Extendida o con acceso al sistema de archivos maestro."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:caliper_ci:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "C93B3F48-78F4-42B5-8990-6605F4CE330C"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2019/07/11/4",
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/109156",
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://jenkins.io/security/advisory/2019-07-11/#SECURITY-1437",
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-836/",
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2019/07/11/4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/109156",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://jenkins.io/security/advisory/2019-07-11/#SECURITY-1437",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-836/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink