Language:
https://jenkins.io/security/advisory/2017-02-01/
https://www.cloudbees.com/cloudbees-security-advisory-2017-02-01
Severity: High
ID: 97609
File Name: jenkins_security_advisory_2017-02-01.nasl
Version: 1.16
Type: combined
Agent: windows, macosx, unix
Family: CGI abuses
Published: 3/8/2017
Updated: 6/5/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus Agent, Nessus
Enable CGI Scanning: true
Risk Factor: Medium
Score: 6.7
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 4.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS Score Source: CVE-2017-2608
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/a:jenkins:jenkins, cpe:/a:cloudbees:jenkins
Required KB Items: installed_sw/Jenkins
Exploit Ease: No known exploits are available
Patch Publication Date: 2/1/2017
Vulnerability Publication Date: 7/29/2011
CVE: CVE-2011-4969, CVE-2015-0886, CVE-2016-9887, CVE-2017-1000362, CVE-2017-2598, CVE-2017-2599, CVE-2017-2600, CVE-2017-2601, CVE-2017-2602, CVE-2017-2603, CVE-2017-2604, CVE-2017-2606, CVE-2017-2607, CVE-2017-2608, CVE-2017-2609, CVE-2017-2610, CVE-2017-2611, CVE-2017-2612, CVE-2017-2613
BID: 95963, 95964, 95967, 58458, 95948, 95949, 95951, 95952, 95953, 95954, 95955, 95956, 95957, 95959, 95960, 95961, 95962