Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-1000863 - Vulnerability Database
Jenkins

Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-1000863

High
Reference: CVE-2018-1000863
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-1000863
Title: Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

A data modification vulnerability exists in Jenkins 2.153 and earlier LTS 2.138.3 and earlier in User.java IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats potentially preventing the victim from logging into Jenkins.