Jenkins CVE-2013-0327 Cross Site Request Forgery Vulnerability
BID:58454
Info
| Bugtraq ID: | 58454 |
| Class: | Design Error |
| CVE: | CVE-2013-0327 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2013 12:00AM |
| Updated: | Mar 19 2015 09:27AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Jenkins is prone to a cross-site request forgery (CSRF) vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions and gain access to the affected application. Other attacks are also possible.
Versions prior to Jenkins 1.480.3 and 1.502 are vulnerable.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting victim to open a malicious URI.
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
References:
- Jenkins CI Homepage (Jenkins CI)