Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Permissions Privileges and Access Controls Vulnerability - CVE-2015-1810 - Vulnerability Database
Jenkins

Jenkins Permissions Privileges and Access Controls Vulnerability - CVE-2015-1810

Medium
Reference: CVE-2015-1810
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-1810
Title: Jenkins Permissions Privileges and Access Controls Vulnerability
Overview:

The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the quotJenkins39 own user databasequot setting which allows remote attackers to gain privileges by creating a reserved name.