Cross-Site Request Forgery in Jenkins Sounds Plugin by Jenkins
CVE-2020-2098
8.8HIGH
What is CVE-2020-2098?
The Jenkins Sounds Plugin prior to version 0.6 experiences a cross-site request forgery vulnerability, enabling attackers to execute arbitrary operating system commands through the affected Jenkins instance. This flaw arises when insufficient verification is present in requests sent to the Jenkins server, allowing remote users to exploit the system without proper authentication.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Jenkins Sounds Plugin <= 0.5
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved