Description

Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.

The Jenkins allows registering a new user and accessing the dashboard.

Remediation

It's recommended to turn off user registration

References

Securing Jenkins

Related Vulnerabilities

WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)

WordPress Plugin Shopp Multiple Vulnerabilities (1.0.17)

Apache Solr endpoint

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration