Jenkins plugins Multiple Vulnerabilities (2023-06-14)

high Nessus Plugin ID 177394

Version 1.5

Oct 4, 2024, 1:49 AM

  • Plugin metadata

Plugin Feed: 202410040149

Version 1.4

Jun 5, 2024, 10:55 AM

  • Required Scan configuration ("Enable cgi scanning" set to "True")

Plugin Feed: 202406051055

Version 1.3

Jul 28, 2023, 9:58 AM

  • Logic Changes (adjusted to match vcf_extras.inc and jenkins_detect.inc changes)

Plugin Feed: 202307280958

Version 1.2

Jul 6, 2023, 4:17 PM

  • CVSS metrics ("CVSSv2 score" changed from 3.5 to 7.8. "CVSSv3 score" changed from 5.4 to 8.1. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N")
  • CVSSv2 score source (changed from "CVE-2023-35146" to "CVE-2023-35148")
  • CVSSv2 severity (based on CVE-2023-35148, severity increased from "Low" to "High")
  • CVSSv3 score source (set to "CVE-2023-35142")
  • CVSSv3 severity (based on CVE-2023-35142, severity increased from "Medium" to "High")

Plugin Feed: 202307061617

Version 1.1

Jun 19, 2023, 2:10 PM

  • CVSS metrics ("CVSSv2 score" changed from 9.0 to 3.5. "CVSSv3 score" changed from 8.0 to 5.4. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C" to "CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N")
  • CVSSv2 severity (based on CVE-2023-35146, severity decreased from "High" to "Low")
  • CVSSv3 score source (set to "CVE-2023-35146")
  • CVSSv3 severity (based on CVE-2023-35146, severity decreased from "High" to "Medium")

Plugin Feed: 202306191410

Version 1.0

Jun 16, 2023, 10:00 PM

  • New

Plugin Feed: 202306162200

* Changelogs are generally available for changes made after Nov 1, 2022