Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-1000194 - Vulnerability Database
Jenkins

Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-1000194

High
Reference: CVE-2018-1000194
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-1000194
Title: Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

A path traversal vulnerability exists in Jenkins 2.120 and older LTS 2.107.2 and older in FilePath.java SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master bypassing the agent-to-master security subsystem protection.