Improper Authorization in Jenkins Subversion Plugin Affects Network Security
CVE-2018-1000111

5.3MEDIUM

Key Information:

Vendor: Jenkins
Status: Subversion
Vendor: CVE Published:; 13 March 2018

Summary

An improper authorization vulnerability in the Jenkins Subversion Plugin allows attackers with network access to exploit the plugin's functionality. This exploitation can lead to unauthorized disclosure of sensitive information, including a list of nodes and users associated with the Jenkins instance. Ensuring that plugins are up to date and monitoring user access permissions are critical to mitigating this risk.

References

https://jenkins.io/security/advisory/2018-02-26/#SECURITY...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 13, 2018