Description

The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.

Remediation

References

CVE-2016-9299

Related Vulnerabilities

Moodle CVE-2023-5543 Vulnerability (CVE-2023-5543)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.3)

ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)

Lighttpd Other Vulnerability (CVE-2008-1531)

WordPress Plugin Soundy Background Music Cross-Site Scripting (3.1)

Severity

Critical

Classification

CVE-2016-9299 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities