Description

Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.

Remediation

References

CVE-2014-2059

Related Vulnerabilities

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3747)

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3170)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.28)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1000509)

WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)

Severity

Medium

Classification

CVE-2014-2059 CWE-22

Tags

Missing Update Known Vulnerabilities