Description

Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron. It's recommended to restrict access to the Jenkins Dashboard as it may contain information that could be useful for an attacker.

Remediation

Restrict access to the Jenkins Dashboard.

References

Jenkins

Related Vulnerabilities

Composer installed.json publicly accessible

WordPress Plugin WordPress Social Stream Information Disclosure (1.6)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)

Craft CMS Development Mode enabled

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure