CVE-2016-3725 (jenkins)

CVE-2016-3725 (jenkins)

CloudBees Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (service disruption).

Source: CVE-2016-3725 (jenkins)

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다