Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Missing Authorization Vulnerability - CVE-2019-10354 - Vulnerability Database
Jenkins

Jenkins Missing Authorization Vulnerability - CVE-2019-10354

Medium
Reference: CVE-2019-10354
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-10354
Title: Jenkins Missing Authorization Vulnerability
Overview:

A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier LTS 2.176.1 and earlier allowed attackers to access view fragments directly bypassing permission checks and possibly obtain sensitive information.