WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2014-3662 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

Description

Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.

Remediation

References

https://access.redhat.com/errata/RHSA-2016:0070

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01

Related Vulnerabilities

CVE-2020-11971 Vulnerability in maven package org.apache.camel:camel-main

CVE-2018-6341 Vulnerability in maven package org.webjars.bowergithub.vuejs:vue

CVE-2012-0392 Vulnerability in maven package org.apache.struts.xwork:xwork-core

CVE-2022-36916 Vulnerability in maven package org.jenkins-ci.plugins:google-cloud-backup

CVE-2023-32996 Vulnerability in maven package io.jenkins.plugins:miniorange-saml-sp

Severity

Critical

Classification

CWE-200

Tags

Vendor Advisory