CVE-2015-1807Path Traversal in Jenkins

CWE-22Path TraversalCWE-59Link Following6 documents5 sources
Severity
3.5LOWNVD
EPSS
0.1%
top 67.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
JenkinsRedhat Openshift
Timeline
PublishedOct 16
Latest updateMay 17

Description

Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

NVDjenkins/jenkins1.580.3+1

🔴Vulnerability Details

2
GHSA
GHSA-873f-j2c4-w2vp: Directory traversal vulnerability in Jenkins before 12022-05-17
CVEList
CVE-2015-1807: Directory traversal vulnerability in Jenkins before 12015-10-16

📋Vendor Advisories

1
Red Hat
jenkins: directory traversal from artifacts via symlink (SECURITY-162)2015-02-27

💬Community

2
Bugzilla
CVE-2015-1807 jenkins: directory traversal from artifacts via symlink (SECURITY-162)2015-03-25
Bugzilla
CVE-2015-1806 CVE-2015-1807 CVE-2015-1813 CVE-2015-1812 CVE-2015-1811 CVE-2015-1810 CVE-2015-1808 CVE-2015-1809 CVE-2015-1814 jenkins: various flaws [fedora-all]2015-03-25
CVE-2015-1807 — Path Traversal in Jenkins | cvebase