Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 ) - Vulnerability Database

Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )

Description

Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.

References

CVE-2021-21690

Related Vulnerabilities

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732) Medium
Common tags: Missing Update Known Vulnerabilities
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7740) Medium
Common tags: Missing Update Known Vulnerabilities
phpMyAdmin CVE-2019-6799 Vulnerability (CVE-2019-6799) Medium
Common tags: Missing Update Known Vulnerabilities
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-6970) High
Common tags: Missing Update Known Vulnerabilities
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-6975) High
Common tags: Missing Update Known Vulnerabilities

Severity

Critical

Classification

CVE-2021-21690
CWE-693

Tags

Missing Update
Known Vulnerabilities