CVE-2020-2100
Published 2020-01-29
CVE-2020-2100: Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
Priority P428 · medium · 5.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
EPSS 3.44% · 87.5th percentile
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | code_coverage_plugin | — | — |
| jenkins | fortify_plugin | — | — |
| jenkins | jenkins | <= 2.204.1 | — |
| jenkins | jenkins | <= 2.218 | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | websphere_deployer_plugin | — | — |
| jenkins_project | jenkins | unspecified – 2.218 | — |
CVSS provenance
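| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| vendor_cisco | | 8.6 | HIGH | |
| vendor_redhat | | 5.8 | MEDIUM | |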
Cisco
Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
vendor_cisco·2020-10-21·CVSS 8.6
CVE-2020-3562 [HIGH] CWE-119 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.
Cisco has released software updates that address this vulnera
Cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities
vendor_cisco·2020-10-21·CVSS 6.7
CVE-2020-3458 [MEDIUM] CWE-693 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities
Update from October 23, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software section of this advisory. See the Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability for additional information.
Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure bo
Cisco
Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability
vendor_cisco·2020-05-06·CVSS 7.4
CVE-2020-3334 [HIGH] CWE-399 Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability
A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device.
The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume
Jenkins
Jenkins Security Advisory 2020-01-29
vendor_jenkins·2020-01-29·CVSS 8.6
CVE-2020-2099 [HIGH] Jenkins Security Advisory 2020-01-29
This advisory announces vulnerabilities in the following Jenkins deliverables:
Jenkins (core)
Code Coverage Plugin
Fortify Plugin
WebSphere Deployer Plugin
Descriptions
Inbound TCP Agent Protocol/3 authentication bypass
SECURITY-1682 / CVE-2020-2099
Se
Red Hat
jenkins: UDP multicast/broadcast service amplification reflection attack
vendor_redhat·2020-01-29·CVSS 5.8
CVE-2020-2100 [MEDIUM] CWE-406 jenkins: UDP multicast/broadcast service amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
Cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities
vendor_cisco·CVSS 3.0
CVE-2020-3458 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities
CVE-2020-3458: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities
Update from October 23, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software section of this advisory. See the Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability for additional information. Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass t
Cisco
Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability
vendor_cisco·CVSS 3.0
CVE-2020-3334 Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability
CVE-2020-3334: Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability
A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attack
Cisco
Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
vendor_cisco·CVSS 3.0
CVE-2020-3562 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
CVE-2020-3562: Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded. Cisco has released software updates that address
GHSA
Jenkins vulnerable to UDP amplification reflection attack
ghsa·2022-05-24
CVE-2020-2100 [MEDIUM] CWE-406 Jenkins vulnerable to UDP amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier supports two network discovery services (UDP multicast/broadcast and DNS multicast) by default.
The UDP multicast/broadcast service can be used in an amplification reflection attack, as very few bytes sent to the respective endpoint result in much larger responses: A single byte request to this service would respond with more than 100 bytes of Jenkins metadata which could be used in a DDoS attack on a Jenkins controller. Within the same network, spoofed UDP packets could also be sent to make two Jenkins controllers go into an infinite loop of replies to one another, thus causing a denial of service.
Jenkins 2.219, LTS 2.204.2 now disables both UDP multicast/broadcast and DNS mult
OSV
Jenkins vulnerable to UDP amplification reflection attack
osv·2022-05-24
CVE-2020-2100 [MEDIUM] Jenkins vulnerable to UDP amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier supports two network discovery services (UDP multicast/broadcast and DNS multicast) by default.
The UDP multicast/broadcast service can be used in an amplification reflection attack, as very few bytes sent to the respective endpoint result in much larger responses: A single byte request to this service would respond with more than 100 bytes of Jenkins metadata which could be used in a DDoS attack on a Jenkins controller. Within the same network, spoofed UDP packets could also be sent to make two Jenkins controllers go into an infinite loop of replies to one another, thus causing a denial of service.
Jenkins 2.219, LTS 2.204.2 now disables both UDP multicast/broadcast and DNS mult
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-2100 jenkins: UDP multicast/broadcast service amplification reflection attack [fedora-all]
bugzilla·2020-01-31·CVSS 5.8
CVE-2020-2100 [MEDIUM] CVE-2020-2100 jenkins: UDP multicast/broadcast service amplification reflection attack [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multi
Bugzilla
CVE-2020-2100 jenkins: UDP multicast/broadcast service amplification reflection attack
bugzilla·2020-01-31·CVSS 5.8
CVE-2020-2100 [MEDIUM] CVE-2020-2100 jenkins: UDP multicast/broadcast service amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
References:
https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1641
http://www.openwall.com/lists/oss-security/2020/01/29/1
Discussion:
Created jenkins tracking bugs for this issue:
Affects: fedora-all [bug 1797088]
---
This bug has been fixed by https://errata.devel.redhat.com/advisory/50532 that brought Jenkins 2.204.2
Wiz
CVE-2020-37140 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.4
CVE-2020-37140 [HIGH] CVE-2020-37140 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2020-37140: FinalWire AIDA64 vulnerability analysis and mitigation
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.
Source : NVD
Score 4.6
Published February 5, 2026
Severity MEDIUM
CNA Score 4.6
Affected Technologies
FinalWire AIDA64
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:aida64:aida64
Sources
Windows Severity M
http://www.openwall.com/lists/oss-security/2020/01/29/1
https://access.redhat.com/errata/RHBA-2020:0402
https://access.redhat.com/errata/RHBA-2020:0675
https://access.redhat.com/errata/RHSA-2020:0681
https://access.redhat.com/errata/RHSA-2020:0683
https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1641
Published 2020-01-29