Information Disclosure Vulnerability in Jenkins Monitoring Plugin
CVE-2014-3679

Currently unrated

Key Information:

Vendor: Jenkins-ci
Status: Monitoring Plugin
Vendor: CVE Published:; 16 October 2014

What is CVE-2014-3679?

The Monitoring Plugin for Jenkins prior to version 1.53.0 contains a vulnerability that allows remote attackers to access sensitive information through unspecified pages. This issue could potentially be exploited to gain unauthorized insights into system configurations or user data, emphasizing the need for timely updates and monitoring of plugin versions in use.

References

https://wiki.jenkins-ci.org/display/JENKINS/Monitoring

x_refsource_CONFIRM

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Secu...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2014
Vulnerability Reserved
May 14, 2014

Jenkins-ci

What is CVE-2014-3679?

References

Timeline