Access Control Flaw in Exclusion Plugin for Jenkins
CVE-2013-6373

Currently unrated

Key Information:

Vendor: Jenkins-ci
Status: Exclusion
Vendor: CVE Published:; 25 November 2013

What is CVE-2013-6373?

The Exclusion plugin for Jenkins, prior to version 0.9, contains an access control flaw that improperly manages resource locks. This vulnerability allows remote authenticated users to list and release resources without appropriate permissions. By exploiting this weakness, users can gain unauthorized access to critical resources, potentially compromising the integrity of the Jenkins environment.

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Secu...

x_refsource_MISC

https://wiki.jenkins-ci.org/display/JENKINS/Exclusion-Plugin

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 25, 2013
Vulnerability Reserved
Nov 4, 2013

Jenkins-ci

What is CVE-2013-6373?

References

Timeline