Description

Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.

The Jenkins allows registering a new user and accessing the dashboard.

Remediation

It's recommended to turn off user registration

References

Securing Jenkins

Related Vulnerabilities

Unrestricted access to ImageResizer Diagnotics plugin

WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Information Disclosure (2.0.07)

WordPress Plugin WP Activity Log Information Disclosure (3.1.1)

HTTP Strict Transport Security (HSTS) Errors and Warnings

Unrestricted access to Prometheus Metrics

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration