CVE-2020-2100 — Insufficient Control of Network Message Volume (Network Amplification) in Project Jenkins
Severity
5.8MEDIUMNVD
EPSS
1.4%
top 19.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 29
Latest updateMay 24
Description
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4
Affected Packages2 packages
🔴Vulnerability Details
3📋Vendor Advisories
5Cisco▶
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities↗2020-10-21
Cisco
▶