Kwetsbaarheid CVE-2018-1000409

A Session Fixation Vulnerability Exists In Jenkins 2.145 And Earlier, LTS 2.138.1 And Earlier In Core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java That Prevented Jenkins From Invalidating The Existing Session And Creating A New One When A User Signed Up For A New User Account.

Algemeen

CVE
CVE-2018-1000409
Leverancier(s) betrokken
Omschrijving
A Session Fixation Vulnerability Exists In Jenkins 2.145 And Earlier, LTS 2.138.1 And Earlier In Core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java That Prevented Jenkins From Invalidating The Existing Session And Creating A New One When A User Signed Up For A New User Account.
Publicatie
Woensdag, 9 Januari 2019
Gewijzigd
Maandag, 14 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE