Kwetsbaarheid CVE-2018-1000410

An Information Exposure Vulnerability Exists In Jenkins 2.145 And Earlier, LTS 2.138.1 And Earlier, And The Stapler Framework Used By These Releases, In Core/src/main/java/org/kohsuke/stapler/RequestImpl.java, Core/src/main/java/hudson/model/Descriptor.java That Allows Attackers With Overall/Administer Permission Or Access To The Local File System To Obtain Credentials Entered By Users If The Form Submission Could Not Be Successfully Processed.

Algemeen

CVE
CVE-2018-1000410
Leverancier(s) betrokken
Omschrijving
An Information Exposure Vulnerability Exists In Jenkins 2.145 And Earlier, LTS 2.138.1 And Earlier, And The Stapler Framework Used By These Releases, In Core/src/main/java/org/kohsuke/stapler/RequestImpl.java, Core/src/main/java/hudson/model/Descriptor.java That Allows Attackers With Overall/Administer Permission Or Access To The Local File System To Obtain Credentials Entered By Users If The Form Submission Could Not Be Successfully Processed.
Publicatie
Woensdag, 9 Januari 2019
Gewijzigd
Maandag, 14 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE